BlogSecurity21

Browse articles from Security

Recent posts

Security

How do bug bounty hunters use GitLab to help their hack?

We know GitLab is a complete open source DevOps platform, but can it improve your hack? We chat with three bug bounty hunters to find out.

Security

A deep dive into how we investigate and secure GitLab packages

Supply chain attacks aren't new, but that doesn't mean extra vigilance and protection aren't needed. We take a look at how we secure our packages and registries.

Security

How we used GitLab values to develop a successful Security Awards Program

We built a program that encourages, recognizes, and awards a shared responsibility for security.

Security

How the Security Culture Committee is strengthening GitLab values

Learn how this group of team members works to preserve and reinforce GitLab values in the Security department and beyond.

Security

Inside the Bug Bounty Council at GitLab

We improve consistency across severity ratings and payouts in our bug bounty program with collaboration, iteration, and async communication.

Security

Ask a hacker: ajxchapman

We talk with bug bounty hunter Alex Chapman about his favorite type of vulnerability to research and the one piece of security advice he’d offer to the company he hacks.

Security

Masked variable vulnerability in Runner version 13.9.0-rc1

How we responded to a masked variable vulnerability in GitLab Runner version 13.9.0-rc1 and actions users should take.

Security

Android App Security Testing with SAST

Learn how to secure your Android application with Static Application Security Testing.

Security

2020 through a bug bounty lens

We take a look back at the year in bugs and bounties and celebrate the reporters and contributions that make us more secure.

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert