GitLab Announces a Hardened Container Image in Support of the U.S. Department of Defense Enterprise DevSecOps Initiative

Secure, End-to-End Software Development Solution Accelerates U.S. Public Sector Application Development

— Today GitLab, the single application for the entire DevOps lifecycle, announced that it has enhanced its 13.0 product release with a hardened container image in continued support of the U.S. public sector’s focus on application security. With this enhancement, GitLab reinforces its commitment to providing a secure DevSecOps environment for all of its public sector and regulated industry clients in finance, healthcare, energy, and transportation.

GitLab is experienced in working with the U.S. Department of Defense (DoD) and has been instrumental in the DevSecOps initiatives of agencies such as the U.S. Air Force software factories, as well as programs within the U.S. Army, U.S. Navy and Fourth Estates agencies. Developed in coordination with the DoD, GitLab software now includes a DoD-compliant hardened container image to address the DevSecOps initiatives of the Pentagon.

“GitLab is a key component of the Platform One DevSecOps product stack supporting the DoD Enterprise DevSecOps Initiative,” said Nicolas Chaillan, chief software officer of the U.S. Air Force and co-lead of the DoD Enterprise DevSecOps Initiative. “Including the GitLab hardened image as part of Iron Bank’s centrally accredited containers of best of breed development tools enables DoD-wide use across classifications, which supports the faster deployment of more secure software across the Department of Defense and regulated industries.”

Hardening helps minimize the risk profile, enables more secure applications to be deployed quickly, and supports continuous authority to operate processes. GitLab’s acceptance as a hardened and secure software solution into Iron Bank, the centralized artifact repository, allows any DoD agency to easily and confidently acquire and implement its software development platform. The Iron Bank repository enables an easier adoption of DevSecOps solutions throughout the DoD.

“GitLab is essential to every part of our DevSecOps process, allowing us to bridge the gap across our developers to product owners. Having a pre-hardened version greatly speeds up deployment to our production systems and slashes platform spin-up and maintenance for our clients. Overall, we can deliver applications to the warfighter exponentially faster due to this capability,” said James “Guideaux” Crocker, lab director, BESPIN, U.S.A.F.

GitLab coordinated with the U.S. Air Force software factories, including Kessel Run, LevelUP, Kobayashi Maru, SpaceCAMP, and BESPIN,to develop and provide a complete DevSecOps solution for the factories as they look to deploy software as quickly and securely as possible in response to today’s threat landscape.

“The addition of a hardened container image to our U.S public sector offering reinforces GitLab’s commitment to providing a secure, end-to-end DevSecOps software development platform that meets the strenuous security and compliance requirements of the US. military and other highly regulated organizations,” said Scott Williamson, executive vice president of product at GitLab. “GitLab’s close coordination with both customers and industry experts to meet these criteria supports not only the needs of our public sector customers, but also ensures that all GitLab users—especially those in critical infrastructure and regulated industries—benefit from the additional security capabilities.”

To fulfill Iron Bank security requirements, software must meet standards including installing completely on its own and not reaching out to the internet to acquire any additional libraries or files as well as rigorous vulnerability scanning. Enterprise functionality is enabled via the purchase of a GitLab license file. Additional security features such as security scanning and vulnerability management with high availability and client certificate authentication are included in the self-managed GitLab Ultimate edition.

For more information on GitLab’s public sector practice, please visit about.gitlab.com/solutions/public-sector.

About GitLab

GitLab is the DevOps platform built from the ground up as a single application for all stages of the DevOps lifecycle enabling Product, Development, QA, Security, and Operations teams to work concurrently on the same project. GitLab provides a single data store, one user interface, and one permission model across the DevOps lifecycle. This allows teams to significantly reduce cycle times through more efficient collaboration and enhanced focus.

Built on Open Source, GitLab works alongside its growing community, which is composed of thousands of developers and millions of users, to continuously deliver new DevOps innovations. GitLab has an estimated 30 million+ users (both Paid and Free) from startups to global enterprises, including Ticketmaster, Jaguar Land Rover, NASDAQ, Dish Network, and Comcast trust GitLab to deliver great software faster. All-remote since 2014, GitLab has more than 1,300 team members in 65 countries.

Media Contact

Christina Weaver


GitLab


[email protected]