GitLab can help you with your SOX compliance

Building SOX Compliant Applications with GitLab

In 2002 the United States Congress passed the Sarbanes-Oxley Act, also known as SOX to help protect the public from fraudulent practices by corporations. For publicly traded companies, SOX compliance is critical. The software development process of these organizations must be designed, developed, tested, and deployed in ways that adhere to SOX compliance.

GitLab can help you meet SOX IT General Controls (ITGC) compliance requirements by providing you a powerful set of features that support best practice in software development from a single platform.

New features are added to GitLab on the 22nd of every month.

Access controls

GitLab provides an access control system that allows you to easily maintain the principle of least privilege, ensuring that your users only have access to what they need to do their job.

IT security

GitLab provides many built in capabilities such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Scanning, Dependency Scanning, and Vulnerability Reporting.

Data backup

GitLab provides backup and restore procedures to ensure your data is not lost.

Change management

GitLab makes it easy to define and enforce policies for all software changes while maintaining a record of what was changed, when it was changed, and who changed it.

Compliance Resources

• HIPAA Compliance
• PCI Compliance