Security

Featured Post
May 20, 2020

GitLab instance: security best practices

Default settings on products can be massively helpful. However, when it comes to hardening your GitLab instance, we’ve got some helpful configuration recommendations from our security team.

Recent Posts

The benefits of transparency in a compliance audit

Apr 28, 2020

We’re transparent by default, and just completed our first SOC 2 Type 1 audit! How does our public-first stance affect our compliance efforts and impact an audit?

How we approach open source security

Apr 10, 2020

Open source software presents unique security challenges. Here’s what you need to know.

Top 6 security trends in GitLab-hosted projects

Apr 2, 2020

Using components with known vulnerabilities is the most common security problem in GitLab.com-hosted projects.

How to exploit parser differentials

Mar 30, 2020

Your guide to abusing 'language barriers' between web components.

We answer your most popular questions about our Zero Trust journey

Feb 19, 2020

From why we chose Okta to issues around data fluidity, here are answers to your most-asked ZT questions.

GitLab is now a member of the OWASP Foundation

Jan 21, 2020

GitLab is thrilled to announce our membership in the OWASP Foundation.

Celebrating a million dollars in bounties paid

Jan 14, 2020

Our bug bounty program has grown, expanded and matured in the past 5 years. A lot can happen in a million dollars’ time.

Introducing Token-Hunter

Dec 20, 2019

Our red team has created a new tool to find sensitive data in the vast, wide-open.

Bugs, bounties, and cherry browns

Dec 12, 2019

Cheers, our bug bounty program is celebrating one year!

Shopping for an admin account via path traversal

Nov 29, 2019

How to exploit a path traversal issue to gain an admin account.

How to overcome toolchain security challenges with GitLab

Nov 20, 2019

Use GitLab to control your toolchain sprawl, improve team communication and productivity, and secure your DevOps lifecycle.

We are increasing bounties in our bug bounty program

Nov 18, 2019

We're now offering higher bounties for critical and high severity reports.

Zero Trust at GitLab: Where do we go from here?

Oct 15, 2019

We take a look back at how far we've come in our ZTN implementation, and at the progress we still need to make.

Zero Trust at GitLab: Implementation challenges (and a few solutions)

Oct 2, 2019

Implementing change in an already working environment always brings its fair share of growing pains. What happens when that change is Zero Trust?
