This page contains information on secure training initiatives sponsored by the GitLab Security team.
For information on developing security fixes in GitLab, please see the Security Release Documentation. (Required)
The GitLab Secure Coding Guidelines (Required) cover how to address specific classes of vulnerabilities that have been identified in GitLab.
When you complete the portions of the training that pertain to you, please take this short survey on it.
GitLab Secure Coding Training is an annual requirement that must be completed by a sub-group of individuals in the Engineering Department. GitLab has created in-house training that is being provided via ProofPoint, GitLab's third-party security platform.
This training is intended to help developers identify potential security vulnerabilities early, with the goal of reducing the number of vulnerabilities in the product over time.
A developer-focused application security training presented by Jim Manico, and Dr. Justin Collins, the creator of Brakeman, occurred on the days of July 29th and 30th 2019. In addition to covering secure coding in general, it also covers specific threats and mitigations for Ruby on Rails applications. The content is presented in a lighthearted and entertaining manner.
You can find the recorded, private YouTube stream at the following:
These videos are private by default. To view them, you will need to switch to the GitLab Unfiltered account.