Gitlab hero border pattern left svg Gitlab hero border pattern right svg

Category Direction - Container Network Security


Containers are a critical part of modern applications. They contain the business logic and data needed to operate, and are frequently spun up and down based on load, costs, and other factors. Because containers are such a critical part of apps, they need to be defended from attacks and inappropriate use. This is even more important when one app is on the same cluster as another app.


GitLab's goal with container network security is that any app can be run on a cluster with any other app, with confidence that it can properly identify and stop any unintended use or traffic. Our goal is also to be able to detect rogue containers and other resources inappropriately added to clusters, so they can either be deleted or blacklisted. Finally, our goal is to be able to do everything and provide informative results outwards as either Issues or Vulnerabilities, so the security team and others in your organization can act to remediate existing issues and prevent future issues.


Planned to Minimal

What's Next & Why

We will start by adding NetworkPolicy objects to Kubernetes clusters as the first step in this category. This provides a powerful baseline for which more advanced networking controls can be added to.

Competitive Landscape


Analyst Landscape


Top Customer Success/Sales Issue(s)


Top Customer Issue(s)

The category is very new, so we still need to engage customers and get feedback about their interests and priorities in this area.

Top Vision Item(s)