Security

Featured Post

Introducing a community-driven advisory database for third-party software dependencies

The advisory data can be readily adopted, adapted, and exchanged. Learn more here.

Recent Posts

GitLab’s newest continuous compliance features bolster software supply chain security

Feb 9, 2022

Business leaders and DevOps teams can continuously mitigate the risk of cloud-native environments and use guard rails to automate software compliance.

Using the GitLab GraphQL API for vulnerability reporting

Feb 2, 2022

Follow along as we teach you how to use the GitLab GraphQL API to manage vulnerabilities programmatically.

Detecting and alerting on anomalies in your container host with GitLab + Falco

Jan 20, 2022

Learn how to install and use Falco to detect anomalies in your containers.

How elite DevOps teams secure the software supply chain

Jan 6, 2022

The time is now to integrate security into your DevOps processes - your business will be better for it.

How to tailor SAST and Secret Detection to your application context with custom rulesets

How you can use GitLab custom rulesets to customize security scanners to your needs.

GitLab Security in 2021: protect, enhance, certify and strengthen

Dec 17, 2021

Join our Security team as we review how we worked to keep GitLab, and our community, secure this past year.

Updates and actions to address Log4j CVE 2021 44228 and CVE 2021 45046 in GitLab

Dec 15, 2021

Actions we’ve taken to investigate and mitigate the impact of Log4j, and actions our users can take.

2021: Smashing bugs and dropping names

Dec 14, 2021

We take a look at some of the big things that happened in our Bug Bounty program this last year and celebrate the contributions of the bug bounty hunters who make it all possible.

GitLab Technical Certifications program wins 5 awards at LearnX Conference

Dec 3, 2021

GitLab's Tech Certification programs won 5 different awards at this year's LearnX conference.

Three things you might not know about GitLab security

Nov 23, 2021

There's so much more to GitLab's security offering than meets the eye. Here are three features you may have missed.

Deep dive: the tech stack behind Spamcheck

We take a closer look at the tooling, technical choices, metrics and lessons learned behind our new anti-abuse tool.

Top five actions engineers should take based on the OWASP Top 10 2021 security updates

Nov 15, 2021

Learn what actions engineers should take based on the OWASP Top 10 updates for 2021.

Action needed by self-managed customers in response to CVE-2021-22205

Nov 4, 2021

Self-managed users using outdated versions should update immediately.

Our 3rd annual bug bounty contest: the swagtastic sequel to the sequel

Nov 1, 2021

We’re running a bug bounty contest November 1 thru December 3. Find a bug and be entered to win some sweet custom swag. What’s better than a contest? Increased bounty ranges!