Security

Featured Post
Aug 10, 2022

Securing the software supply chain through automated attestation

Standards bodies want to know how orgs are protecting against software tampering. Learn how automating compliance attestation can help.

Recent Posts

Want to start hacking? Here's how to quickly dive in

Jul 27, 2022

We asked one of our top 10 hacker contributors, Johan Carlsson, to share his novel approach to bug bounty hunting.

Top 5 compliance features to leverage in GitLab

Jul 13, 2022

Highlighting features we use daily, our security team outlines 5 ways to configure your GitLab instance for increased security and compliance.

Tackle a Plan of Actions and Milestones with GitLab’s risk management features

Jul 7, 2022

The One DevOps Platform helps identify interdependencies and vulnerabilities as required by government compliance frameworks.

Use Streaming Audit Events to connect your technology stack with GitLab and Pipedream

Jun 27, 2022

Automation lets your DevSecOps teams have logic in place for how to handle events as they come in.

GitLab's commitment to enhanced application security in the modern DevOps world

Jun 21, 2022

Security abounds in our latest DevOps platform release, GitLab 15.

Terraform as part of the software supply chain, Part 1 - Modules and Providers

Jun 1, 2022

We examine the supply chain aspects of Terraform, starting with a closer look at malicious Terraform modules and providers and how you can better secure them.

How we run Red Team operations remotely

May 11, 2022

Our team shares the process and templates that drive our successful red team ops in our all-remote environment.

Updates regarding Rubygems ‘Unauthorized gem takeover for some gems’ vulnerability CVE-2022-29176

May 9, 2022

Actions we've taken to investigate the Rubygems takeover vulnerability.

One DevOps platform can help you achieve DevSecOps

May 9, 2022

GitLab drives innovation in the AST market to secure cloud-native applications.

Updates regarding Spring remote code execution vulnerabilities CVE-2022-22965 and CVE-2022-22963

Apr 7, 2022

Actions we've taken to investigate the Spring RCE vulnerabilities.

How to ensure separation of duties and enforce compliance with GitLab

Apr 4, 2022

Use your DevOps platform to help maintain compliance without compromising on development speed.

Comply with NIST's secure software supply chain framework with GitLab

Mar 29, 2022

The U.S. government's Secure Software Development Framework has four key practices. GitLab's DevOps platform has features to address them all.

How GitLab's integration with Rezilion reduces vulnerability backlog and identifies exploitable risks

Baksheesh Singh Ghuman
Mar 23, 2022

The native integration helps developers detect and remediate vulnerabilities that are exploitable early on in the development process.

Action we've taken in response to a potential Okta breach

Mar 22, 2022

Actions we've taken to investigate a potential Okta breach.

Security hygiene best practices for GitLab users

Mar 21, 2022

Security hygiene measures that GitLab.com and Self-managed users should consider implementing.
