Application Security Testing built-in to your DevOps process

1. You are here:
2. The DevOps Lifecycle with GitLab
3. Application Security Testing built-in to your DevOps process

Proactive security. No integrations.

GitLab Security includes all of these capabilities - in one tool - built into your DevOps process:

• Static Application Security Testing (SAST)
• Dynamic Application Security Testing (DAST)
• Dependency Scanning
• Container Scanning
• License Management

For the developer: Are you bothered by siloed security processes that take you away from development? GitLab is a single application for developers and for security.

• Scan for security flaws with every commit with no incremental effort
• Security issues reported directly in Pipelines and Merge Requests
• Zero context switching to proactively secure applications


For the Security Pro: Do you lack visibility into dev and see vulnerabilities late in the cycle? GitLab is a single application for developers and for security.

• Shared view with dev
• Security Dashboard to assess vulnerabilities and assign issues or resolve.
• No integration work and managing or maintaining independent security tools.

For the CIO or CISO: Are you juggling Security, costs, and business agility?
GitLab is a single application for developers and for security.

• One license cost for integrated security
• ROI efficiency. Buy one application for your SDLC.
• You need not slow down your software factory
• Scan ALL of your applications ALL of the time without incremental costs