Security Operations Sub-department

1. You are here:
2. Engineering
3. Security
4. Security Operations Sub-department

Maintained by:

Johnathan Hunt

@JohnathanHunt

On this page

• Vision
• Mission
• Sub-department Members
• All Team Members
  • Red Team
  • Trust & Safety
  • Security Incident Response Team
  • Resources and Tools
    • Security Enclave GCP Environment
• Common Links

Vision

Protect company property by identifying, preventing, detecting and responding to risks and security events targeting the business and GitLab.com and its users. We are at the forefront of GitLab's security.

Mission

The Security Operations Sub-department focuses on the operational aspect of security. Our Sub-department consists of experienced breakers, builders, and defenders from all walks of life and geographic locations. We are responsible for improving GitLab's security capabilities and metrics in the areas of:

• Realistic cyber attack scenarios against GitLab.com, company property, and employees - Red Team, Issues Tracker
• Security anomaly/event detection and incident response - SIRT - Security Incident Response Team, Issues Tracker
• Abuse of GitLab.com - Trust & Safety, Issues Tracker

Sub-department Members

The following people are permanent members of the Security Operations Sub-department:

All Team Members

The following people are permanent members of teams that belong to the Operations Sub-department:

Red Team

Trust & Safety

Security Incident Response Team

Resources and Tools

Security Enclave GCP Environment

For activities and tools that require confidentiality and availability independent of GitLab.com resources, an independent GCP environment

The main project for tracking work is security-enclave>.

Common Links

• How to page/engage the Security On-Call
• Slack channel to interact with the teams #security-department
• GitLab Security Department Group (GitLab)
• GitLab Security Operations Sub-department Group (GitLab)