Blog Security

Browse articles from Security

securitycompliance.jpeg
Happy birthday, Secure by Design! The U.S. government's initiative to ensure greater security in software products turns one. Find out what GitLab has done to align with this critical effort. Author: Joel Krooswyk Read Post
Security security-checklist.png

GitLab introduces new CIS Benchmark for improved security

Learn why CIS Benchmarks matter, how the CIS GitLab Benchmark was created, and how to use it to properly secure your GitLab installation.

Security code - cover

Integrate external security scanners into your DevSecOps workflow

Learn how to bring Snyk scan results into the merge request widget by parsing JSON artifacts and leveraging the SARIF file format.

Security securitycheck.png

Important information regarding xz-utils (CVE-2024-3094)

Affected software not used for GitLab.com, GitLab Dedicated, or default self-hosted software packages.

Security security-cover-new.png

GitLab Security Release: 16.10.1, 16.9.3, 16.8.5

Learn more about GitLab Security Release: 16.10.1, 16.9.3, 16.8.5 for GitLab Community Edition (CE) and Enterprise Edition (EE).

Security built-in-security.jpeg

Coming soon: GitLab dependency firewall

Learn how this new feature will help organizations avoid supply chain software attacks by warning them or blocking the download based on a project's policy.

Security securitycheck.png

We’re combining patch and security releases

This improvement in our release process matches the industry standard and will help GitLab users get information about security and bug fixes sooner.

Security cloudcomputing.jpeg

Simplify your cloud account management for Kubernetes access

In this tutorial, learn how to use the GitLab agent for Kubernetes and its user impersonation features for secure cluster access.

Security securitycheck.png

How to implement secret management best practices with GitLab

Insecure secret management practices pose a risk for companies tasked with storage and protection of customer data. Learn how to reduce this risk and increase trust.

Security built-in-security.jpeg

The ultimate guide to least privilege access with GitLab

This tutorial demonstrates how to achieve least privilege access using custom roles, security policies, compliance pipelines, branch protections, and more.

Ready to get started?

See what your team could do with a unified DevSecOps Platform.

Get free trial

New to GitLab and not sure where to start?

Get started guide

Learn about what GitLab can do for your team

Talk to an expert