is now in public beta!
Browse articles that include the security tag
Recent posts
Security
How we’re using DAST 2 for easier scan configuration and reduced noise
Our security team upgraded to GitLab’s DAST 2. Here’s how and why we did it.
Security
Threat modeling the Kubernetes Agent: from MVC to continuous improvement
Learn how we put our threat model into action iteratively and expanded the process into a full-fledged standalone activity.
News
Updates to de-identifying Service Usage Data
GitLab is creating a process to pseudonymize directly identifiable Service Usage Data for SaaS customers. There will be no changes to the service data usage policy.
Security
SemVer versioning: how we handled it with linear interval arithmetic
SemVer versioning made it difficult to automate processing. We turned to linear interval arithmetic to come up with a unified, language-agnostic semantic versioning approach.
DevSecOps
How to deploy the GitLab Agent for Kubernetes with limited permissions
Learn how to deploy the GitLab Agent for Kubernetes with Limited Permissions.
Security
How to write and continuously test vulnerability detection rules for SAST
Interns with the Google Summer of Code helped GitLab transition from our old SAST tools to Semgrep.
Security
Why are developers so vulnerable to drive-by attacks?
The complexity of developer working environments make them more likely to be vulnerable to a drive-by attack. We talk about why and walk you through a real-life example from a recent disclosure here at GitLab, and provide tips to reduce the risk and impact of drive-by attacks.
Find out which plan works best for your team
Learn about pricingLearn about what GitLab can do for your team
Talk to an expert