GitLab defines security monitoring alert criteria, how alert criteria will be flagged, and identifies authorized personnel for flagged system alerts.
Defined security monitoring alert criteria and a documented mechanism to handle security alerts helps ensure the security of customer, GitLab team member, and partner data. This control can be tested by reviewing the Incident Response and Security Incident Response processes, as well as the DELKE alerting criteria and notification mechanisms.
This control applies to all systems within our production environment. The production environment includes all endpoints and cloud assets used in hosting GitLab.com and its subdomains. This may include third-party systems that support the business of GitLab.com.
Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Security Monitoring Alert Criteria control issue.
Examples of evidence an auditor might request to satisfy this control: