Security

Featured Post
Aug 12, 2020

How to play GitLab's Capture the Flag at home

Our AppSec team built and ran a CTF, and now it's available for you to play at home.

Recent Posts

How to benchmark security tools: a case study using WebGoat

Aug 11, 2020

When tasked to compare security tools, it's critical to understand what's a fair benchmark. We take you step by step through WebGoat's lessons and compare them to SAST and DAST results.

How to secure your dependencies with GitLab and WhiteSource

Aug 10, 2020

We walk you through how to configure WhiteSource in your GitLab instance to enhance your application security.

Get better container security with GitLab: 4 real-world examples

Jul 28, 2020

Containers are increasingly popular – and increasingly vulnerable. Using four threat scenarios, we step through how GitLab's built-in security features will make containers safer.

How to capitalize on GitLab Security tools with external CI

Jul 10, 2020

Learn how to call Jenkins jobs from GitLab and configure deterministic security jobs.

How secure is GitLab?

Jun 24, 2020

Learn about GitLab's commitment to security and compliance, our security program maturity and accreditations.

GitLab instance: security best practices

May 20, 2020

Default settings on products can be massively helpful. However, when it comes to hardening your GitLab instance, we’ve got some helpful configuration recommendations from our security team.

The benefits of transparency in a compliance audit

Apr 28, 2020

We’re transparent by default, and just completed our first SOC 2 Type 1 audit! How does our public-first stance affect our compliance efforts and impact an audit?

How we manage open source security software

Apr 10, 2020

Open source software presents unique security challenges. Here’s what you need to know.

Top 6 security trends in GitLab-hosted projects

Apr 2, 2020

Using components with known vulnerabilities is the most common security problem in GitLab.com-hosted projects.

How to exploit parser differentials

Mar 30, 2020

Your guide to abusing 'language barriers' between web components.

We answer your most popular questions about our Zero Trust journey

Feb 19, 2020

From why we chose Okta to issues around data fluidity, here are answers to your most-asked ZT questions.

GitLab is now a member of the OWASP Foundation

Jan 21, 2020

GitLab is thrilled to announce our membership in the OWASP Foundation.

Celebrating a million dollars in bounties paid

Jan 14, 2020

Our bug bounty program has grown, expanded and matured in the past 5 years. A lot can happen in a million dollars’ time.

Introducing Token-Hunter

Dec 20, 2019

Our red team has created a new tool to find sensitive data in the vast, wide-open.
