
Our security team upgraded to GitLab’s DAST 2. Here’s how and why we did it.

How we responded to Axosoft’s GitKraken software vulnerability affecting SSH keys and actions users should take.

Learn how we put our threat model into action iteratively and expanded the process into a full-fledged standalone activity.

SemVer versioning made it difficult to automate processing. We turned to linear interval arithmetic to come up with a unified, language-agnostic semantic versioning approach.

Interns with the Google Summer of Code helped GitLab transition from our old SAST tools to Semgrep.

The complexity of developer working environments makes them more likely to be vulnerable to a drive-by attack. We talk about why, walk you through a real-life example from a recent disclosure here at GitLab, and provide tips to reduce the risk and impact of drive-by attacks.

The Venafi plugin for GitLab enables single sign-on and digital signatures to better secure your app.