Protect

Protect your apps and infrastructure from security intrusions.

Product categories

Container Scanning

Check Docker images for known vulnerabilities in the application environment. Analyze image contents against public vulnerability databases using the open source tool, Clair, that is able to scan any kind of Docker (or App) image. Vulnerabilities are shown in-line with every merge request.

Learn More →

WAF

A Web Application Firewall (WAF) can examine traffic being sent to your web application and can detect then block malicious traffic before it reaches them. The ModSecurity WAF is installed via Auto DevOps behind the ingress controller in your Kubernetes cluster. It is configured by default to run the OWASP ModSecurity core ruleset.

Learn More →

Security Orchestration

Future Category

Unified policy and alert security orchestration capabilities across all of GitLab's scanners and security technologies.

Learn More →

Container Host Security

Detect and respond to security threats at the Kubernetes, network, and host level.

Learn More →

Container Network Security

Container network security allows the implementation of network policies in Kubernetes to detect and block unauthorized network traffic between pods and to/from the Internet.

Learn More →
Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license