Posts in Security

For timely security release updates please subscribe to our security release RSS feed.

We’re increasing bounties in our bug bounty program

Zero Trust at GitLab: Where do we go from here?

Zero Trust at GitLab: Implementation challenges (and a few solutions)

Why we're reducing the time to payout and launching a bug bounty anniversary contest

Zero Trust at GitLab: Mitigating challenges with data zones and authentication scoring

Zero Trust at GitLab: The data classification and infrastructure challenge

American Fuzzy Lop on GitLab: Automating instrumented fuzzing using pipelines

Zero Trust at GitLab: Problems, goals, and coming challenges

What we learned by taking our bug bounty program public

Turning the Adobe CCF into the GitLab Control Framework (it’s all open source!)

Ask GitLab Security: Alexander Dietrich

Ask GitLab Security: Roger Ostrander

When technology outpaces security compliance

Ask GitLab Security: Paul Harrison

How GitLab went about choosing the right compliance framework

Inside the GitLab public bug bounty program

Agile iteration: My unique onboarding experience at GitLab

GitLab's security tools and the HIPAA risk analysis

Group Runner Registration Token Vulnerability

The evolution of Zero Trust

An update on project runner registration token exposed through issues quick actions vulnerability

A deep dive into the Security Analyst persona