Browse articles from Security
Happy birthday, Secure by Design!
The U.S. government's initiative to ensure greater security in software products turns one. Find out what GitLab has done to align with this critical effort.
GitLab introduces new CIS Benchmark for improved security
Learn why CIS Benchmarks matter, how the CIS GitLab Benchmark was created, and how to use it to properly secure your GitLab installation.
Integrate external security scanners into your DevSecOps workflow
Learn how to bring Snyk scan results into the merge request widget by parsing JSON artifacts and leveraging the SARIF file format.
Important information regarding xz-utils (CVE-2024-3094)
Affected software not used for GitLab.com, GitLab Dedicated, or default self-hosted software packages.
GitLab Security Release: 16.10.1, 16.9.3, 16.8.5
Learn more about GitLab Security Release: 16.10.1, 16.9.3, 16.8.5 for GitLab Community Edition (CE) and Enterprise Edition (EE).
Coming soon: GitLab dependency firewall
Learn how this new feature will help organizations avoid supply chain software attacks by warning them or blocking the download based on a project's policy.
We’re combining patch and security releases
This improvement in our release process matches the industry standard and will help GitLab users get information about security and bug fixes sooner.
New to GitLab and not sure where to start?
Get started guideLearn about what GitLab can do for your team
Talk to an expert