Security

Featured Post
Oct 17, 2023

Enterprise-scale security and compliance policy management in the AI era

A look at how GitLab Security Policy Management can help your security and compliance keep up with the pace of software development.

Recent Posts

GitLab’s response to a high severity vulnerability impacting curl and libcurl

Joseph Longo, Vitor Meireles De Sousa
Oct 12, 2023

Learn about CVE-2023-38545, which leverages a heap buffer overflow through the SOCKS5 protocol, and what it means for GitLab customers.

Introducing GitLab browser-based active checks in DAST

Oct 10, 2023

As of GitLab 16.4, or DAST 4.0.9, browser-based DAST active scans will search for path traversal vulnerabilities using the GitLab check 22.1 instead of the ZAP alert 6.

Ask a hacker - 0xn3va

Oct 2, 2023

Vladislav Nechakhin or @0xn3va, one of our top 10 hacker contributors, joined us for an AMA and details his approach and strategy for bug bounty hunting.

Unmasking password attacks at GitLab

GitLab Security Team
Sep 28, 2023

Our security team has identified an increased volume of password attacks against GitLab.com on the OAuth API endpoint since September 22, 2023. Learn more.

How GitLab supports NSA and CISA CI/CD security guidance

Sep 19, 2023

GitLab can support your alignment with NSA and CISA CI/CD recommendations and best practices for cloud-based DevSecOps environments.

The ultimate guide to enabling SAML and SSO on GitLab.com

Sep 14, 2023

Learn how to make full use of SAML and SSO security features on the GitLab DevSecOps platform.

Streamline security with keyless signing and verification in GitLab

Sep 13, 2023

Our partnership with Sigstore means that with just a few lines in a yml file, GitLab customers can make their development environment more secure.

How GitLab can support your ISO 27001 compliance journey

Sep 6, 2023

As a strategic partner, GitLab's software security features can help support your ISO 27001 compliance.

Meet regulatory standards with GitLab compliance & security policy management

Aug 17, 2023

Compliance is more than one-off audits; it's a continuous process of efficiently managing risk by implementing guardrails and monitoring specific metrics.

Use GitLab and MITRE ATT&CK Navigator to visualize adversary techniques

Aug 9, 2023

This tutorial helps build and deploy a customized version of MITRE's ATT&CK Navigator using GitLab CI/CD and GitLab Pages.

The backstory on GitLab's security hardening documentation

Aug 1, 2023

GitLab has detailed documentation about how to harden your instance, now as a part of GitLab itself. Here's how it came to be.

How GitLab can help you prepare for your SOC 2 audit

Jul 18, 2023

Learn about features in the DevSecOps platform geared toward a SOC 2 audit.

SecureFlag integrated with GitLab for rapid vulnerability remediation

Jun 29, 2023

Empower developers with hands-on security training within the DevSecOps platform.

How OIDC can simplify authentication of GitLab CI/CD pipelines with Google Cloud

Hiroki Suezawa, Dhruv Jain
Jun 28, 2023

OpenID Connect can sometimes be complex, but it's the safer and recommended way to authenticate your GitLab pipeline with Google Cloud. This tutorial shows you how.

Managing multiple environments with Terraform and GitLab CI

Noah Ing, Sophia Manicor
Jun 14, 2023

This tutorial shows how to set up and manage three different environments in one project using GitLab CI and Terraform.
