Gitlab hero border pattern left svg Gitlab hero border pattern right svg Background wave
GitLab
vs
GitHub
Decision Kit
Decision Kit
GitLab vs. GitHub for DevSecOps

GitLab DevSecOps Capabilities Missing in GitHub

GitLab Capability Features
View all security issues in a single pane of glass within project context Security Dashboard
Proactively scan for vulnerabilities Dependency scanning, Container Scanning
Preview App before Merge to reduce defects, shorten development time Preview changes with review apps. Environments Autostop for review apps
Security Test running applications Dynamic Application Security Testing

GitLab SAST vs GitHub Code Scanning

  GitHub Code Scanning GitLab SAST
Supported Languages View Here View Here
Predefined vulnerabilities Yes Yes
Number of predefined vulnerabilities 2,000+ Varies- Based on Scan Tool
Custom vulnerability definitions Yes Yes
Variant analysis Yes Yes
Display security results in pull/merge request Yes Yes
Schedule scans Yes No
Event triggered scans Yes No
API Support Yes Yes
Auto SAST setup and configuration No Yes
Vulnerability Filtering based on threshold No Yes
Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license
View page source — Edit in Web IDE — please contribute. Creative Commons License