Reduce supply chain risk with SBOM-based dependency scanning
Detect transitive dependencies, trace how they entered your project, and prioritize them by real-world exposure.
Authors: Mark Settle and Joel Patterson
Security configuration profiles lead to faster scanner rollouts. Learn how this new capability in GitLab 19.0 covers thousands of projects in minutes, no gaps.

Each secret is scoped to its environment or branch and governed by the same controls you use for code. Join the public beta in GitLab 19.0.

The pipeline is now where humans, agents, and third-party code converge. Companies need a control plane that sees, enforces, and fixes every change.

Default CVSS scores don't reflect your actual risk. Use GitLab severity override policies to automate adjustments based on CVE, CWE, file path, and directory.

Explore tokens that carry only the permissions they need, and nothing more. Then join the beta program.

Learn how we built custom controls that detect and prevent malware campaigns like those used for Contagious Interview and how to deploy them in your environment.

Learn how GitLab's Signals Engineering team built the WATCH framework to continuously validate our security monitoring pipeline.