is now in public beta!
Browse articles from Security
Recent posts
Security
Meet Package Hunter: A tool for detecting malicious code in your dependencies
We developed, tested and open sourced a new tool to analyze program dependencies and protect the supply chain.
Security
How we’re creating a threat model framework that works for GitLab
As usual, we’re creating our own path in how we handle our threat modeling, approaching development both iteratively and collaboratively, and seriously shifting left with our framework and processes.
Security
A brief look at Gitpod, two bugs, and a quick fix
Our security researcher takes a look at Gitpod and finds some access tokens under the carpet.
Security
How do bug bounty hunters use GitLab to help their hack?
We know GitLab is a complete open source DevOps platform, but can it improve your hack? We chat with three bug bounty hunters to find out.
Security
A deep dive into how we investigate and secure GitLab packages
Supply chain attacks aren't new, but that doesn't mean extra vigilance and protection aren't needed. We take a look at how we secure our packages and registries.
Security
How we used GitLab values to develop a successful Security Awards Program
We built a program that encourages, recognizes, and awards a shared responsibility for security.
Security
How the Security Culture Committee is strengthening GitLab values
Learn how this group of team members works to preserve and reinforce GitLab values in the Security department and beyond.
Find out which plan works best for your team
Learn about pricingLearn about what GitLab can do for your team
Talk to an expert