Trust & Safety Team

GitLab.com Trust & Safety Team Overview

The Trust and Safety team is a sub department of the Security Team at GitLab that forms part of the Security Operations subdepartment in Security at GitLab Inc and are tasked with the mitigation of Abuse on gitlab.com.

Mission

Our mission is to help build and maintain user trust, while keeping the GitLab platform safe and harm-free to help enable everyone to contribute.

We aim to achieve this by building a culture of care, protection, and a respect for privacy. We aim to stop the “bad” while also enabling the “good”.

Vision

Our vision for GitLab Trust and Safety is to build a team and tooling capable of achieving both accuracy and scale in our work.

We want to make our corner of the internet a little safer, but also be the best internet citizens we can be by helping to detect and report abuse externally.

Our Responsibilities

  • Detect user generated Abuse on GitLab.com
  • Review reported accounts for abusive activity on GitLab.com.
  • Remove user generated content on GitLab.com that violate of our Terms of Service.
  • Mitigating malicious user generated activity on GitLab.com.
  • Review Account Reinstatement requests.
  • Review DMCA (Digital Millennium Copyright Act) and Trademark Infringement notices.
  • Reporting malicious activity impacting GitLab.com to the relevant service providers.

The Team

Person Role
Joanna Rubi Security Engineer, Trust & Safety
Shawn Sichak Security Engineer, Trust & Safety
Westley van den Berg Security Analyst, Trust & Safety
Ruby Nealon Security Engineer, Trust & Safety
Charl de Wit Security Manager, Trust & Safety

Reporting Abuse

Working with GitLab Trust and Safety Team

  • For Open Source Program Partners, Premium and Ultimate customers that would like to discuss, and potentially improve, your current abuse prevention and mitigation strategies, you can reach us at abuse@gitlab.com. Include any relevant information as to the abuse issue you are currently experiencing to help us provide the most relevant information.

  • Abuse prevention/mitigation feature requests or suggestions should be created in the Feature Proposal issue from the provided templates in the Project, add the ~Abuse Prevention label.

Feature proposals can be submitted for the following:

You can tag @gitlab-com/gl-security/security-operations/trust-and-safety and @gitlab-org/modelops/anti-abuse to review the gitlab issue.

GitLab team members can reach Trust and Safety via:

  • Slack: #abuse channel using the team Slack handle: @trust-and-safety
  • Non-urgent queries should be created in our Operations Tracker or tag us (@gitlab-com/gl-security/security-operations/trust-and-safety) in the issue and notify us in the #abuse slack channel.
  • For URGENT issues that require the immediate attention of the Trust and Safety team, use the /security Slack slash command, the command triggers the Trust and Safety Escalation Workflow and requests that you file an incident using a form. The form asks questions about the incident, which will help the Trust and Safety Team automatically determine severity and priority. Depending on which labels get assigned, the Trust and Safety on-call will be paged.
    • URGENT Trust and Safety issues are defined as instances of user generated abuse :
      • that is or has a high probability of resulting in service degradation or outages of GitLab.com and/or its features.
      • on GitLab.com that has the potential of causing significant legal, financial or reputational damage or liability to the company.

Non GitLab team members.

  • Non GitLab members should use the report Abuse button to report abuse.
  • More detailed abuse reports can be sent to abuse@gitlab.com

Abuse DIY

If you are running your own GitLab instance and looking for some tips and tricks to manage abuse on your instance, have a look at our DIY page for more information.


Abuse on GitLab.com
Overview Reporting Abuse Report a User Profile Reporting abuse via the Report Abuse button on a user profile. You can use the report abuse button located at the top right of the user profile page. The form will require you to enter information describing the type abuse you are reporting. Reports with insufficient information, cannot be reviewed and will therefore be closed, more detailed reports can be sent to abuse@gitlab.
Intellectual property on gitlab.com
Overview DMCA - Digital Millennium Copyright Act GitLab takes the intellectual property rights of others seriously and require that our users do the same. The Digital Millennium Copyright Act (DMCA) established a process for addressing claims of copyright infringement. If you own a copyright or have authority to act on behalf of a copyright owner and want to report a claim that a third party is infringing that material on or through GitLab’s services, review the Submitting a DMCA Notice section further below.
Trust & Safety Team Frequently Asked Questions
Overview Below is a list of Frequently Asked Questions. Account Reinstatements What do I do if my account has been blocked? You can open an Account Reinstatement request with GitLab Support Select GitLab.com (SaaS) user accounts and login issues and complete the form. Wait for feedback from the support team. DMCA Requests I received a DMCA request and my Account is Blocked? If you received a DMCA request for your account, you can do one of the following.
Trust & Safety, Do It Yourself
Preventing, detecting and mitigating ABUSE for self managed customers
Last modified March 27, 2024: Change shortcode to plain links (7db9c423)