GitLab Dedicated Security Certifications and Attestations

Maintained by:

Purpose

The Security Compliance team for GitLab Dedicated is responsible for planning, obtaining, and maintaining industry-recognized security certifications for the GitLab Dedicated product to ensure customer trust. The benefits from these activities include:

For customers:

increases visibility and confidence in our information security program and the Dedicated SaaS platform
increases ease in onboarding and managing GitLab as a vendor

For GitLab:

ensures we are meeting all requirements of a strong and comprehensive information security program aligned with industry best practices
enables our field teams to quickly share the state of our security program with potential and existing customers
reduces the need for GitLab's security team to fill out individual customer security questionnaires or assessments

Scope

Generally, the scope of the items listed on this page include GitLab Dedicated, the GitLab Dedicated production environment, and global policies and procedures relied upon for control implementation.

Are you looking for security certifications/attestations for GitLab.com? Please look here.

Current

Planned (Roadmap)

The following security certifications and attestations are currently on our roadmap for consideration and have not yet been formally committed or contracted:

Year(s): FY24

SOC 2 Type 2 Report +Availbility Criteria
SOC 3 Report
ISO/IEC 27001:2013 Certification: Survellence audit
Standardized Information Gathering Questionnaire Self-Assessment

Year(s): FY25

SOC 2 Type 2 Report: +Privacy Critera
ISO/IEC 27001:2013 Certification: Recertification

More information

Please see our Trust Center for more information. Current or Prospective customers may request related artifacts through their Account Manager, or by using the Request by Email option on the Customer Assurance Package webpage.

Return to Security Assurance