Gitlab hero border pattern left svg Gitlab hero border pattern right svg

SYS.2.01 - Security Monitoring Alert Criteria

SYS.2.01 - Security Monitoring Alert Criteria

Control Statement

GitLab defines security monitoring alert criteria, how alert criteria will be flagged, and identifies authorized personnel for flagged system alerts.


Defined security monitoring alert criteria and a documented mechanism to handle security alerts helps ensure the security of customer, GitLab team member, and partner data. This control can be tested by reviewing the Incident Response and Security Incident Response processes, as well as the DELKE alerting criteria and notification mechanisms.


This control applies to all systems within our production environment. The production environment includes all endpoints and cloud assets used in hosting and its subdomains. This may include third-party systems that support the business of


Additional control information and project tracking

Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Security Monitoring Alert Criteria control issue.

Examples of evidence an auditor might request to satisfy this control:

Policy Reference

Framework Mapping