Security

A basic understanding of what compliance means and how it impacts DevOps.

Standards bodies want to know how orgs are protecting against software tampering. Learn how automating compliance attestation can help.

We asked one of our top 10 hacker contributors, Johan Carlsson, to share his novel approach to bug bounty hunting.

Highlighting features we use daily, our security team outlines 5 ways to configure your GitLab instance for increased security and compliance.

The One DevOps Platform helps identify interdependencies and vulnerabilities as required by government compliance frameworks.

Automation lets your DevSecOps teams have logic in place for how to handle events as they come in.

Security abounds in our latest DevOps platform release, GitLab 15.

We examine the supply chain aspects of Terraform, starting with a closer look at malicious Terraform modules and providers and how you can better secure them.

Our team shares the process and templates that drive our successful red team ops in our all-remote environment.

Actions we've taken to investigate the Rubygems takeover vulnerability.

GitLab drives innovation in the AST market to secure cloud-native applications.

Actions we've taken to investigate the Spring RCE vulnerabilities.

Use your DevOps platform to help maintain compliance without compromising on development speed.

The U.S. government's Secure Software Development Framework has four key practices. GitLab's DevOps platform has features to address them all.

The native integration helps developers detect and remediate vulnerabilities that are exploitable early on in the development process.