The One DevOps Platform enables organizations to stay ahead of threat vectors, maintain compliance posture, and deliver secure software faster

DETROIT, MI – October 25, 2022 – All Remote – Today at KubeCon + CloudNativeCon North America, GitLab Inc., provider of The One DevOps Platform, announced enhancements to its Security and Governance solution which enables organizations to integrate security and compliance in every step of the software development lifecycle (SDLC) and secure their software supply chain.

GitLab’s 2022 Global DevSecOps Survey found that security was the highest priority investment area for organizations, with 57% of security professionals surveyed stating that their organizations have already shifted security left or plan to this year. To meet growing security needs, GitLab is enhancing its Security and Governance solution to provide visibility and management over security findings and compliance requirements, as well as deliver what we believe is a first-class software supply chain security experience.

With increasing regulatory and compliance requirements for organizations, GitLab has increased its focus on governance to help teams identify risks by providing them with visibility into their projects' dependencies, security findings, and user activities. This includes capabilities like security policy management, compliance management, audit events, vulnerability management, and an upcoming capability of dependency management, which will help developers track vulnerable dependencies detected in their applications. These governance capabilities, in conjunction with a comprehensive set of security testing capabilities such as static application security testing (SAST), secret detection, dynamic application security testing (DAST), API security, fuzz testing, dependency scanning, license compliance, and container scanning, can help organizations achieve continuous security and compliance of their software supply chain without compromising on speed and agility.

“To stay competitive and propel digital transformation, organizations need to be great at developing, operating, and securing software. Security needs to be embedded in all stages of the software development lifecycle, not treated as an afterthought,” said David DeSanto, VP of Product at GitLab. “Our enhanced security and governance capabilities make GitLab a comprehensive DevSecOps solution to help secure an organization's software supply chain.”