When technology outpaces security compliance
Where does today's tech transformation leave tomorrow's security compliance? A senior security analyst tackles the question. Read on
Ask GitLab Security: Paul Harrison
What’s it like working to secure one of the most transparent organizations in the world? Meet our security team.
How GitLab went about choosing the right compliance framework
Independent vs aggregate? Determining the most effective security controls approach for any organization has many considerations.
Inside the GitLab public bug bounty program
Four months since going public with our bug bounty program, we dive into where we’re at, what success looks like, and what to expect down the road.
Agile iteration: My unique onboarding experience at GitLab
How I learned to iterate quickly during my first week at GitLab.
Group Runner Registration Token Vulnerability
How we responded to a vulnerability in group runner registration tokens.
GitLab's security tools and the HIPAA risk analysis
A closer look at GitLab’s security scanning tools and the HIPAA risk analysis.
The evolution of Zero Trust
Zero Trust may be one of the hottest topics in security today, but it's not exactly new. Here's a history.
An update on project runner registration token exposed through issues quick actions vulnerability
How we responded to a vulnerability in quick actions for issues that can expose project runner registration tokens to unauthorized users.
A deep dive into the Security Analyst persona
See how we created our new Security Analyst persona, and how we are already putting it to use.