is now in public beta!
Browse articles from Security
Recent posts
Security
SemVer versioning: how we handled it with linear interval arithmetic
SemVer versioning made it difficult to automate processing. We turned to linear interval arithmetic to come up with a unified, language-agnostic semantic versioning approach.
Security
How to write and continuously test vulnerability detection rules for SAST
Interns with the Google Summer of Code helped GitLab transition from our old SAST tools to Semgrep.
Security
Why are developers so vulnerable to drive-by attacks?
The complexity of developer working environments make them more likely to be vulnerable to a drive-by attack. We talk about why and walk you through a real-life example from a recent disclosure here at GitLab, and provide tips to reduce the risk and impact of drive-by attacks.
Security
How to secure your software build pipeline using code signing
The Venafi plugin for GitLab enables single sign-on and digital signatures to better secure your app.
Security
Introducing Spamcheck: A data-driven, anti-abuse engine
How we built, tested and deployed a new tool on GitLab that fights spam and abuse.
Security
How DevSecOps can protect businesses from future supply chain attacks
Learn how GitLab's all-in-one DevSecOps solution can help businesses keep their supply chains secure.
Security
Meet Package Hunter: A tool for detecting malicious code in your dependencies
We developed, tested and open sourced a new tool to analyze program dependencies and protect the supply chain.
Find out which plan works best for your team
Learn about pricingLearn about what GitLab can do for your team
Talk to an expert