Our Customer Assurance Package contains documents such as our SOC2 report, ISO 27001 certificate, penetration test executive summary, and pre-filled CAIQ and SIG questionnaires, among many other documents. Please see our CAP page to request the package.
Our Trust Center outlines the various compliance and assurance credentials that GitLab maintains. This page also contains links to important security, legal & privacy, and availability resources, such as an overview of our security practices, our Environmental, Social, and Governance strategy, and our production architecture.
The following links contain frequently asked security, legal & privacy, and availability questions.
|Acceptable use||Access management||Business continuity||Cryptography||Data classification|
|Disaster recovery||Endpoint management||Hardening||Incident response and communication||Independent assurance|
|Logging and monitoring||Network security||Privacy||Security awareness||Third party risk management|
|Threat modeling||Vulnerability management|