Blogsecurity3

Browse articles that include the security tag

Recent posts

Security

Achieve SLSA Level 2 compliance with GitLab

Compliance mandates call for controls to prevent software tampering, improve integrity of builds and artifacts, and support attestation. Here's how GitLab can help.

Security

Action needed by self-managed customers in response to CVE-2021-22205

Self-managed users using outdated versions should update immediately.

Security

Action we've taken in response to a potential Okta breach

Actions we've taken to investigate a potential Okta breach.

Security

How to action security vulnerabilities in GitLab Premium

Learn step-by-step how to process detected vulnerabilities and spawn merge request approval rules from critical vulnerabilities.

Insights

How advanced are your DevSecOps practices?

Read here what the three levels of DevSecOps practices are and what they include and how to improve your own

Security

Agile iteration: My unique onboarding experience at GitLab

How I learned to iterate quickly during my first week at GitLab.

Security

Ask a hacker: ajxchapman

We talk with bug bounty hunter Alex Chapman about his favorite type of vulnerability to research and the one piece of security advice he’d offer to the company he hacks.

Engineering

How developer-centric AppSec testing can dramatically change your DevOps team

Find and fix security bugs faster by implementing developer-centric application security testing in the CI pipeline. And the bonus? Engineering and security will finally be better aligned.

Security

American Fuzzy Lop on GitLab: Automating instrumented fuzzing using pipelines

An example of how to automate instrumented fuzzing with American Fuzzy Lop using pipelines.

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert