Security

Learn what organizations should keep in mind while incorporating software supply chain security into their software development lifecycle.

Learn how to identify your risk for CVE-2022-3786 and CVE-2022-3602.

Learn what a software bill of materials is and why it has become an integral part of modern software development.

Learn the role of SBOMs in helping to secure your software supply chain and how to generate them with the GitLab + Rezilion integration.

Learn how to add a Let's Encrypt TLS certificate to a website hosted and managed via GitLab Pages.

Pair IBoMs and SBOMs for a more secure software supply chain.

Software supply chain security is top of mind for DevOps teams but just how well do you know this topic? Try your hand at our quiz.

We created a private project containing a file with a flag. Use a permission-related vulnerability to bypass access control (without user interaction) and read the flag for a $20K USD bonus.

Integration of fraud detection and prevention tool into authentication flow increases risk reduction.

Learn how DevOps and zero trust have matured into a solid pairing and the security considerations that come into play.

A basic understanding of what compliance means and how it impacts DevOps.

Standards bodies want to know how orgs are protecting against software tampering. Learn how automating compliance attestation can help.

We asked one of our top 10 hacker contributors, Johan Carlsson, to share his novel approach to bug bounty hunting.

Highlighting features we use daily, our security team outlines 5 ways to configure your GitLab instance for increased security and compliance.

The One DevOps Platform helps identify interdependencies and vulnerabilities as required by government compliance frameworks.