How we run Red Team operations remotely
Our team shares the process and templates that drive our successful red team ops in our all-remote environment. Read on
Updates regarding Rubygems ‘Unauthorized gem takeover for some gems’ vulnerability CVE-2022-29176
Actions we've taken to investigate the Rubygems takeover vulnerability.
One DevOps platform can help you achieve DevSecOps
GitLab drives innovation in the AST market to secure cloud-native applications.
Updates regarding Spring remote code execution vulnerabilities CVE-2022-22965 and CVE-2022-22963
Actions we've taken to investigate the Spring RCE vulnerabilities.
How to ensure separation of duties and enforce compliance with GitLab
Use your DevOps platform to help maintain compliance without compromising on development speed.
Comply with NIST's secure software supply chain framework with GitLab
The U.S. government's Secure Software Development Framework has four key practices. GitLab's DevOps platform has features to address them all.
How GitLab's integration with Rezilion reduces vulnerability backlog and identifies exploitable risks
The native integration helps developers detect and remediate vulnerabilities that are exploitable early on in the development process.
Action we've taken in response to a potential Okta breach
Actions we've taken to investigate a potential Okta breach.
Security hygiene best practices for GitLab users
Security hygiene measures that GitLab.com and Self-managed users should consider implementing.
How GitLab handles security bugs (and why it matters)
Learn what makes our approach to handling and transparently disclosing security bugs unique.
Introducing a community-driven advisory database for third-party software dependencies
The advisory data can be readily adopted, adapted, and exchanged. Learn more here.
GitLab’s newest continuous compliance features bolster software supply chain security
Business leaders and DevOps teams can continuously mitigate the risk of cloud-native environments and use guard rails to automate software compliance.
Using the GitLab GraphQL API for vulnerability reporting
Follow along as we teach you how to use GitLab GraphQL API to manage vulnerabilities programatically.
Detecting and alerting on anomalies in your container host with GitLab + Falco
Learn how to install and use Falco to detect anomalies in your containers
How elite DevOps teams secure the software supply chain
The time is now to integrate security into your DevOps processes - your business will be better for it.
How to tailor SAST and Secret Detection to your application context with custom rulesets
How you can use GitLab custom rulesets to customize security scanners to your needs.