Blog Security GitLab Trust Center: Welcome to self-service customer assurance
Published on: January 9, 2024
4 min read

GitLab Trust Center: Welcome to self-service customer assurance

The single, unified trust center provides access to security and privacy collateral, streamlined questionnaire submissions, an interactive knowledge base, and GitLab updates.

gitlabflatlogomap.png

GitLab, the most comprehensive AI-powered DevSecOps platform, exhibits unity, simplicity, and efficiency. To effectively represent GitLab and support our customers, we created the GitLab Trust Center, a centralized, interactive, information portal that exhibits the same characteristics.

The GitLab Trust Center is powered by SafeBase, which allows us to maintain a single, unified location for communicating our compliance and assurance credentials, hosting our security and privacy documentation for customer consumption, sharing important notices such as responses to third-party breaches, and hosting our internal knowledge base where customers can readily access the same answers we provide in questionnaire responses. The GitLab Trust Center includes a portal for both GitLab.com and GitLab Dedicated.

Creating the GitLab Trust Center

When I joined GitLab in 2022, a single, unified trust center did not exist. We maintained two distinct pages, our "Trust Center" page, which primarily highlighted our compliance and assurance credentials, and our Customer Assurance Package (CAP) page, which allowed the community to preview the different CAPs we maintained, review the documents contained within each package, and download/request each package.

While these pages allowed us to support our customers' requests, they could be difficult to find and were supported by manual processes to triage inbound requests for security documentation, questionnaires, and other miscellaneous security and privacy requests. We needed to redefine our processes and deploy a trust center that represented GitLab.

trust center screenshot

The benefits of the GitLab Trust Center

Let's dive into the biggest benefits of the new Trust Center.

Self-service consumption of security and privacy collateral

Customers can download all of our available security and privacy collateral directly from the GitLab Trust Center.

For documents that require an NDA, prospects and customers can sign the NDA directly in SafeBase to receive access to documents in minutes rather than days.

Streamlined questionnaire submissions

For customers with questions that are not answered by the available collateral or knowledgebase, the GitLab Trust Center offers an interface to upload questions directly.

Customers can use the "Submit a Questionnaire" button in the upper right corner of the Trust Center to submit a questionnaire or a link to their third-party questionnaire portal.

trust center questionnaire

This simple process allows us to centralize our customer assurance activities in a single location and empowers customers to be self-sufficient, which will ultimately accelerate security review processes.

GitLab updates subscription

Customers can now subscribe to the GitLab Trust Center for the latest updated collateral documents and communications related to third-party security incidents.

This proactive approach delivers important and actionable information as quickly as possible and further enables our customers to be self-sufficient through their existing workflows.

trust center subscribe

Trust through transparency

At GitLab, we believe transparency is a critical component of building trust. As a handbook-first company, we publicize a wealth of information, including all of our controlled documents (policies, standards, etc.), many of our internal processes, and much more!

To fully support our transparent culture and to enable our customers to be as self-sufficient as possible, we have made our knowledge base publicly available through the GitLab Trust Center so all customers can self-serve answers to their questions at any time.

The knowledge base consists of questions and answers related to many different topics that are typically found in vendor review questionnaires. You can search and filter for the information you need to support your third-party risk management (TPRM) reviews and confirm that GitLab is a trusted partner that will enable your organization to unlock its full potential and develop secure code faster.

Learn more

To learn more about our 100% self-service customer assurance process and how you can streamline your TPRM review, visit the GitLab Trust Center and explore all of the great content and resources available to you.

We want to hear from you

Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum. Share your feedback

Ready to get started?

See what your team could do with a unified DevSecOps Platform.

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert