Browse articles from Security

Recent posts

Security

Terraform as part of the software supply chain, Part 1 - Modules and Providers

We examine the supply chain aspects of Terraform, starting with a closer look at malicious Terraform modules and providers and how you can better secure them.

Security

How we run Red Team operations remotely

Our team shares the process and templates that drive our successful red team ops in our all-remote environment.

Security

Updates regarding Rubygems ‘Unauthorized gem takeover for some gems’ vulnerability CVE-2022-29176

Actions we've taken to investigate the Rubygems takeover vulnerability.

Security

One DevOps platform can help you achieve DevSecOps

GitLab drives innovation in the AST market to secure cloud-native applications.

Security

Updates regarding Spring remote code execution vulnerabilities CVE-2022-22965 and CVE-2022-22963

Actions we've taken to investigate the Spring RCE vulnerabilities.

Security

How to ensure separation of duties and enforce compliance with GitLab

Use your DevSecOps platform to help maintain compliance without compromising on development speed.

Security

Comply with NIST's secure software supply chain framework with GitLab

The U.S. government's Secure Software Development Framework has four key practices. GitLab's DevOps platform has features to address them all.

Security

How GitLab's integration with Rezilion reduces vulnerability backlog and identifies exploitable risks

The native integration helps developers detect and remediate vulnerabilities that are exploitable early on in the development process.

Security

Action we've taken in response to a potential Okta breach

Actions we've taken to investigate a potential Okta breach.

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert