Security Engineering & Research

1. You are here:
2. Engineering
3. Security
4. Security Engineering & Research

Maintained by:

Laurence Bierner

@laurence.bierner

On this page

• Security Engineering & Research Sub-Department
  • Security Engineering & Research Mission
  • Teams

Security Engineering & Research Sub-Department

The Security Engineering & Research sub-department is responsible for technical and engineering security specific to the GitLab product and internal used systems or applications.

Security Engineering & Research Mission

The Security Engineering & Research sub-department's mission is to support the business and ensure that all GitLab products securely manage customer data. We do this by:

• working closely with engineering, product, infrastructure, and other security department teams
• designing and deploying custom automated security solutions
• conducting in-depth security related research and assessments
• transparently communicating important information externally to customers and the community alike

Teams

The Security Engineering & Research sub-department includes the following teams. Learn more about each by visiting their Handbook pages.

• Application Security specialists work closely with development, product security PMs, and third-party groups (including paid bug bounty programs) to ensure pre and post deployment assessments are completed.
• Security Automation specialists help us scale by creating custom security focused tools that perform common tasks automatically.
• Security Research specialists conduct internal testing and research against GitLab assets, against FOSS that is critical to GitLab products and operations, and against vendor products being considered for purchase and integration with GitLab.
• Security External Communications specialist lead customer advocacy, engagement and communications in support of GitLab Security Team programs and initiatives.