Security Research articles, page 2 of 2 - GitLab Blog

Recent posts

How to play GitLab's Capture the Flag at home

Our AppSec team built and ran a CTF, and now it's available for you to play at home.

How to benchmark security tools: a case study using WebGoat

When tasked to compare security tools, it's critical to understand what's a fair benchmark. We take you step by step through WebGoat's lessons and compare them to SAST and DAST results.

GitLab instance: security best practices

Default settings on products can be massively helpful. However, when it comes to hardening your GitLab instance, we’ve got some helpful configuration recommendations from our security team.

How we manage open source security software

Open source software presents unique security challenges. Here’s what you need to know.

Top 6 security trends in GitLab-hosted projects

Using components with known vulnerabilities is the most common security problem in GitLab.com-hosted projects.

How to exploit parser differentials

Your guide to abusing 'language barriers' between web components.

Tutorial on privilege escalation and post exploitation tactics in Google Cloud Platform environments

A Red Team exercise on exploiting design decisions on GCP.

Introducing Token-Hunter

Our red team has created a new tool to find sensitive data in the vast, wide-open.

Shopping for an admin account via path traversal

How to exploit a path traversal issue to gain an admin account

Pagination

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert