Security

Featured Post
Nov 9, 2022

How we boosted WebAuthn adoption from 20 percent to 93 percent in two days

With phishing campaigns on the rise across the industry, we accelerated the rollout of a program to further enhance our security hygiene. This is how we did it.

Recent Posts

Top challenges to securing the software supply chain

Nov 7, 2022

Learn what organizations should keep in mind while incorporating software supply chain security into their software development lifecycle.

New OpenSSL 3.0 vulnerabilities: What you need to know to find and fix them

GitLab Security Team
Nov 1, 2022

Learn how to identify your risk for CVE-2022-3786 and CVE-2022-3602.

The ultimate guide to SBOMs

Oct 25, 2022

Learn what a software bill of materials is and why it has become an integral part of modern software development.

Meet the demand for SBOMs and supply chain security with GitLab and Rezilion

Oct 17, 2022

Learn the role of SBOMs in helping to secure your software supply chain and how to generate them with the GitLab + Rezilion integration.

GitLab and Let's Encrypt partner to improve website security

Learn how to add a Let's Encrypt TLS certificate to a website hosted and managed via GitLab Pages.

Introducing the infrastructure bill of materials

Cindy Blake
Sep 22, 2022

Pair IBoMs and SBOMs for a more secure software supply chain.

Test your software supply chain security know-how

Sep 6, 2022

Software supply chain security is top of mind for DevOps teams, but just how well do you know this topic? Try your hand at our quiz.

Give it a go: Capture the flag for $20K USD in our bug bounty program

Aug 24, 2022

We created a private project containing a file with a flag. Use a permission-related vulnerability to bypass access control (without user interaction) and read the flag for a $20K USD bonus.

GitLab adds further measures to combat credential stuffing and other types of platform abuse

Aug 19, 2022

Integration of fraud detection and prevention tool into authentication flow increases risk reduction.

Why DevOps and zero trust go together

Aug 17, 2022

Learn how DevOps and zero trust have matured into a solid pairing and the security considerations that come into play.

The importance of compliance in DevOps

Aug 15, 2022

A basic understanding of what compliance means and how it impacts DevOps.

Securing the software supply chain through automated attestation

Aug 10, 2022

Standards bodies want to know how orgs are protecting against software tampering. Learn how automating compliance attestation can help.

Want to start hacking? Here's how to quickly dive in

Jul 27, 2022

We asked one of our top 10 hacker contributors, Johan Carlsson, to share his novel approach to bug bounty hunting.

Top 5 compliance features to leverage in GitLab

Jul 13, 2022

Highlighting features we use daily, our security team outlines 5 ways to configure your GitLab instance for increased security and compliance.

Tackle a Plan of Actions and Milestones with GitLab’s risk management features

Jul 7, 2022

The One DevOps Platform helps identify interdependencies and vulnerabilities as required by government compliance frameworks.
