How GitLab built a security control framework from scratch
GitLab's Security Compliance team created a custom control framework to scale across multiple certifications and products — here's why and how you can, too.
Read PostSecurity Labs
Learn about cybersecurity trends, best practices, and third-party threats to secure your code and digital infrastructure.
Featured post
Recent posts
Security Labs
GitLab Threat Intelligence Team reveals North Korean tradecraft
Gain threat intelligence about North Korea’s Contagious Interview and fake IT worker campaigns and learn how GitLab disrupted their operations.
Security Labs
GitLab discovers widespread npm supply chain attack
Malware driving attack includes "dead man's switch" that can harm user data.
Security Labs
Self-service security alert handling with GitLab's UAM
The User Attestation Module automates security alerts by routing them directly to team members for verification, reducing manual SecOps work and enhancing audit trails.
Security Labs
How GitLab measures Red Team impact: The adoption rate metric
Follow our journey to develop and implement better metrics, including how we used GitLab to track our results end-to-end. Also find out the lessons learned along the way.
Security Labs
Automating cybersecurity threat detections with GitLab CI/CD
Discover how GUARD automates cybersecurity threat detections through the use of GitLab CI/CD and how it ensures high-quality detections.
Security Labs
Unveiling the GUARD framework to automate security detections at GitLab
The GitLab Universal Automated Response and Detection (GUARD) framework spans creation, maintenance, alert routing and handling, rich metrics collection, and more.
Security Labs
How GitLab's Red Team automates C2 testing
Learn how to apply professional development practices to Red Teams using open source command and control tools.
