Software Compliance with GitLab
Build applications that meet common regulatory standards with a secure software supply chain.
Build applications that meet common regulatory standards with a secure software supply chain.
Define rules and policies to adhere to compliance frameworks and common controls
Granular user roles and permissions: Define user roles and permission levels that make sense for your organization
Access control: Limit access with two-factor authentication and expiration tokens
Compliance settings: Define and enforce compliance policies for specific projects, groups, and users
Credentials inventory: Keep track of all the credentials that can be used to access a GitLab self-managed instance
Protected branches: Control unauthorized modifications to specific branches — including creating, pushing, and deleting a branch — without adequate permissions or approvals
Enforce defined rules, policies, and separation of duties while reducing overall business risk
Compliance framework project templates: Create projects that map to specific audit protocols such as HIPAA to help maintain an audit trail and manage compliance programs
Compliance framework project labels: Easily apply common compliance settings to a project with a label
Compliance framework pipelines: Define compliance jobs that should be run in every pipeline to ensure that security scans are run, artifacts are created and stored, or any other steps required by your organizational requirements
Prepare for audits and better understand the root cause of issues with easy access to audit data
Audit events: Track important events such as changes to user permission levels, who added a new user, or who removed a user
Streaming audit events: Consolidate your audit logs in a tool of your choice
Audit reports: Respond to auditors by generating comprehensive reports such as instance, group, and project events, impersonation data, sign-in, and user events
Compliance report: Get a high-level view of compliance violations and the reasons and severity of violations in merge requests
View, triage, trend, track, and resolve vulnerabilities and dependencies in your applications
Security dashboards: Access current security status applications and initiate remediation
Software bill of materials: Scan application and container dependencies for security flaws and create a software bill of materials (SBOM) of the dependencies used
Video
Video
Video
GitLab empowers your teams to balance speed and security by automating software delivery and securing your end-to-end software supply chain.
Learn more
Ensure your software supply chain is secure and compliant.
Learn more
Automation essentials for achieving digital innovation, cloud native transformations and application modernization
Learn moreSee what your team can do with the most comprehensive
AI-powered DevSecOps platform.
When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
Cookie Policy
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, enabling you to securely log into the site, filling in forms, or using the customer checkout. GitLab processes any personal data collected through these cookies on the basis of our legitimate interest.
These cookies enable helpful but non-essential website functions that improve your website experience. By recognizing you when you return to our website, they may, for example, allow us to personalize our content for you or remember your preferences. If you do not allow these cookies then some or all of these services may not function properly. GitLab processes any personal data collected through these cookies on the basis of your consent
These cookies allow us and our third-party service providers to recognize and count the number of visitors on our websites and to see how visitors move around our websites when they are using it. This helps us improve our products and ensures that users can easily find what they need on our websites. These cookies usually generate aggregate statistics that are not associated with an individual. To the extent any personal data is collected through these cookies, GitLab processes that data on the basis of your consent.
These cookies enable different advertising related functions. They may allow us to record information about your visit to our websites, such as pages visited, links followed, and videos viewed so we can make our websites and the advertising displayed on it more relevant to your interests. They may be set through our website by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other websites. GitLab processes any personal data collected through these cookies on the basis of your consent.