[{"data":1,"prerenderedAt":745},["ShallowReactive",2],{"/de-de/blog/categories/security":3,"navigation-de-de":21,"banner-de-de":423,"footer-de-de":433,"security-category-page-total-items-de-de":638,"security-category-page-featured-de-de":639,"security-category-page-3-de-de":665},{"id":4,"title":5,"body":6,"category":6,"config":7,"content":11,"description":6,"extension":13,"meta":14,"navigation":15,"path":16,"seo":17,"slug":6,"stem":19,"testContent":6,"type":6,"__hash__":20},"blogCategories/de-de/blog/categories/security.yml","Security",null,{"template":8,"slug":9,"hide":10},"BlogCategory","security",false,{"name":12},"Sicherheit","yml",{},true,"/de-de/blog/categories/security",{"title":12,"description":18},"Browse articles related to Sicherheit on the GitLab Blog","de-de/blog/categories/security","RafNa29JNZ4JNGO3MJvpMciY4CG3ivNwFzY265Udobw",{"data":22},{"logo":23,"freeTrial":28,"sales":33,"login":38,"items":43,"search":351,"minimal":386,"duo":404,"pricingDeployment":413},{"config":24},{"href":25,"dataGaName":26,"dataGaLocation":27},"/de-de/","gitlab logo","header",{"text":29,"config":30},"Kostenlose Testversion anfordern",{"href":31,"dataGaName":32,"dataGaLocation":27},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/de-de&glm_content=default-saas-trial/","free trial",{"text":34,"config":35},"Vertrieb kontaktieren",{"href":36,"dataGaName":37,"dataGaLocation":27},"/de-de/sales/","sales",{"text":39,"config":40},"Anmelden",{"href":41,"dataGaName":42,"dataGaLocation":27},"https://gitlab.com/users/sign_in/","sign in",[44,71,166,171,272,332],{"text":45,"config":46,"cards":48},"Plattform",{"dataNavLevelOne":47},"platform",[49,55,63],{"title":45,"description":50,"link":51},"Die intelligente Orchestrierungsplattform für DevSecOps",{"text":52,"config":53},"Erkunde unsere Plattform",{"href":54,"dataGaName":47,"dataGaLocation":27},"/de-de/platform/",{"title":56,"description":57,"link":58},"GitLab Duo Agent Platform","Agentische KI für den gesamten Softwareentwicklungszyklus",{"text":59,"config":60},"Lerne GitLab Duo kennen",{"href":61,"dataGaName":62,"dataGaLocation":27},"/de-de/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":64,"description":65,"link":66},"Gründe, die für GitLab sprechen","Erfahre, warum Unternehmen auf GitLab setzen",{"text":67,"config":68},"Mehr erfahren",{"href":69,"dataGaName":70,"dataGaLocation":27},"/de-de/why-gitlab/","why gitlab",{"text":72,"left":15,"config":73,"link":75,"lists":79,"footer":148},"Produkt",{"dataNavLevelOne":74},"solutions",{"text":76,"config":77},"Alle Lösungen anzeigen",{"href":78,"dataGaName":74,"dataGaLocation":27},"/de-de/solutions/",[80,105,126],{"title":81,"description":82,"link":83,"items":88},"Automatisierung","CI/CD und Automatisierung zur Beschleunigung der Bereitstellung",{"config":84},{"icon":85,"href":86,"dataGaName":87,"dataGaLocation":27},"AutomatedCodeAlt","/de-de/solutions/delivery-automation/","automated software delivery",[89,93,96,101],{"text":90,"config":91},"CI/CD",{"href":92,"dataGaLocation":27,"dataGaName":90},"/de-de/solutions/continuous-integration/",{"text":56,"config":94},{"href":61,"dataGaLocation":27,"dataGaName":95},"gitlab duo agent platform - product menu",{"text":97,"config":98},"Quellcodeverwaltung",{"href":99,"dataGaLocation":27,"dataGaName":100},"/de-de/solutions/source-code-management/","Source Code Management",{"text":102,"config":103},"Automatisierte Softwarebereitstellung",{"href":86,"dataGaLocation":27,"dataGaName":104},"Automated software delivery",{"title":12,"description":106,"link":107,"items":112},"Entwickle schneller, ohne die Sicherheit zu gefährden",{"config":108},{"href":109,"dataGaName":110,"dataGaLocation":27,"icon":111},"/de-de/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[113,117,122],{"text":114,"config":115},"Application Security Testing",{"href":109,"dataGaName":116,"dataGaLocation":27},"Application security testing",{"text":118,"config":119},"Schutz der Software-Lieferkette",{"href":120,"dataGaLocation":27,"dataGaName":121},"/de-de/solutions/supply-chain/","Software supply chain security",{"text":123,"config":124},"Software Compliance",{"href":125,"dataGaName":123,"dataGaLocation":27},"/de-de/solutions/software-compliance/",{"title":127,"link":128,"items":133},"Bewertung",{"config":129},{"icon":130,"href":131,"dataGaName":132,"dataGaLocation":27},"DigitalTransformation","/de-de/solutions/visibility-measurement/","visibility and measurement",[134,138,143],{"text":135,"config":136},"Sichtbarkeit und Bewertung",{"href":131,"dataGaLocation":27,"dataGaName":137},"Visibility and Measurement",{"text":139,"config":140},"Wertstrommanagement",{"href":141,"dataGaLocation":27,"dataGaName":142},"/de-de/solutions/value-stream-management/","Value Stream Management",{"text":144,"config":145},"Analysen und Einblicke",{"href":146,"dataGaLocation":27,"dataGaName":147},"/de-de/solutions/analytics-and-insights/","Analytics and insights",{"title":149,"items":150},"GitLab für",[151,156,161],{"text":152,"config":153},"Enterprise",{"href":154,"dataGaLocation":27,"dataGaName":155},"/de-de/enterprise/","enterprise",{"text":157,"config":158},"Kleinunternehmen",{"href":159,"dataGaLocation":27,"dataGaName":160},"/de-de/small-business/","small business",{"text":162,"config":163},"den öffentlichen Sektor",{"href":164,"dataGaLocation":27,"dataGaName":165},"/de-de/solutions/public-sector/","public sector",{"text":167,"config":168},"Preise",{"href":169,"dataGaName":170,"dataGaLocation":27,"dataNavLevelOne":170},"/de-de/pricing/","pricing",{"text":172,"config":173,"link":175,"lists":179,"feature":259},"Ressourcen",{"dataNavLevelOne":174},"resources",{"text":176,"config":177},"Alle Ressourcen anzeigen",{"href":178,"dataGaName":174,"dataGaLocation":27},"/de-de/resources/",[180,213,231],{"title":181,"items":182},"Erste Schritte",[183,188,193,198,203,208],{"text":184,"config":185},"Installieren",{"href":186,"dataGaName":187,"dataGaLocation":27},"/de-de/install/","install",{"text":189,"config":190},"Kurzanleitungen",{"href":191,"dataGaName":192,"dataGaLocation":27},"/de-de/get-started/","quick setup checklists",{"text":194,"config":195},"Lernen",{"href":196,"dataGaLocation":27,"dataGaName":197},"https://university.gitlab.com/","learn",{"text":199,"config":200},"Produktdokumentation",{"href":201,"dataGaName":202,"dataGaLocation":27},"https://docs.gitlab.com/","product documentation",{"text":204,"config":205},"Best-Practice-Videos",{"href":206,"dataGaName":207,"dataGaLocation":27},"/de-de/getting-started-videos/","best practice videos",{"text":209,"config":210},"Integrationen",{"href":211,"dataGaName":212,"dataGaLocation":27},"/de-de/integrations/","integrations",{"title":214,"items":215},"Entdecken",[216,221,226],{"text":217,"config":218},"Kundenerfolge",{"href":219,"dataGaName":220,"dataGaLocation":27},"/de-de/customers/","customer success stories",{"text":222,"config":223},"Blog",{"href":224,"dataGaName":225,"dataGaLocation":27},"/de-de/blog/","blog",{"text":227,"config":228},"Remote",{"href":229,"dataGaName":230,"dataGaLocation":27},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":232,"items":233},"Vernetzen",[234,239,244,249,254],{"text":235,"config":236},"GitLab-Services",{"href":237,"dataGaName":238,"dataGaLocation":27},"/de-de/services/","services",{"text":240,"config":241},"Community",{"href":242,"dataGaName":243,"dataGaLocation":27},"/community/","community",{"text":245,"config":246},"Forum",{"href":247,"dataGaName":248,"dataGaLocation":27},"https://forum.gitlab.com/","forum",{"text":250,"config":251},"Veranstaltungen",{"href":252,"dataGaName":253,"dataGaLocation":27},"/events/","events",{"text":255,"config":256},"Partner",{"href":257,"dataGaName":258,"dataGaLocation":27},"/de-de/partners/","partners",{"backgroundColor":260,"textColor":261,"text":262,"image":263,"link":267},"#2f2a6b","#fff","Perspektiven für die Softwareentwicklung der Zukunft",{"altText":264,"config":265},"the source promo card",{"src":266},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":268,"config":269},"Lies die News",{"href":270,"dataGaName":271,"dataGaLocation":27},"/de-de/the-source/","the source",{"text":273,"config":274,"lists":276},"Unternehmen",{"dataNavLevelOne":275},"company",[277],{"items":278},[279,284,290,292,297,302,307,312,317,322,327],{"text":280,"config":281},"Über",{"href":282,"dataGaName":283,"dataGaLocation":27},"/de-de/company/","about",{"text":285,"config":286,"footerGa":289},"Karriere",{"href":287,"dataGaName":288,"dataGaLocation":27},"/jobs/","jobs",{"dataGaName":288},{"text":250,"config":291},{"href":252,"dataGaName":253,"dataGaLocation":27},{"text":293,"config":294},"Geschäftsführung",{"href":295,"dataGaName":296,"dataGaLocation":27},"/company/team/e-group/","leadership",{"text":298,"config":299},"Team",{"href":300,"dataGaName":301,"dataGaLocation":27},"/company/team/","team",{"text":303,"config":304},"Handbuch",{"href":305,"dataGaName":306,"dataGaLocation":27},"https://handbook.gitlab.com/","handbook",{"text":308,"config":309},"Investor Relations",{"href":310,"dataGaName":311,"dataGaLocation":27},"https://ir.gitlab.com/","investor relations",{"text":313,"config":314},"Trust Center",{"href":315,"dataGaName":316,"dataGaLocation":27},"/de-de/security/","trust center",{"text":318,"config":319},"AI Transparency Center",{"href":320,"dataGaName":321,"dataGaLocation":27},"/de-de/ai-transparency-center/","ai transparency center",{"text":323,"config":324},"Newsletter",{"href":325,"dataGaName":326,"dataGaLocation":27},"/company/contact/#contact-forms","newsletter",{"text":328,"config":329},"Presse",{"href":330,"dataGaName":331,"dataGaLocation":27},"/press/","press",{"text":333,"config":334,"lists":335},"Kontakt",{"dataNavLevelOne":275},[336],{"items":337},[338,341,346],{"text":34,"config":339},{"href":36,"dataGaName":340,"dataGaLocation":27},"talk to sales",{"text":342,"config":343},"Support-Portal",{"href":344,"dataGaName":345,"dataGaLocation":27},"https://support.gitlab.com","support portal",{"text":347,"config":348},"Kundenportal",{"href":349,"dataGaName":350,"dataGaLocation":27},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":352,"login":353,"suggestions":360},"Schließen",{"text":354,"link":355},"Um Repositories und Projekte zu durchsuchen, melde dich an bei",{"text":356,"config":357},"gitlab.com",{"href":41,"dataGaName":358,"dataGaLocation":359},"search login","search",{"text":361,"default":362},"Vorschläge",[363,365,370,372,377,382],{"text":56,"config":364},{"href":61,"dataGaName":56,"dataGaLocation":359},{"text":366,"config":367},"Code Suggestions (KI)",{"href":368,"dataGaName":369,"dataGaLocation":359},"/de-de/solutions/code-suggestions/","Code Suggestions (AI)",{"text":90,"config":371},{"href":92,"dataGaName":90,"dataGaLocation":359},{"text":373,"config":374},"GitLab auf AWS",{"href":375,"dataGaName":376,"dataGaLocation":359},"/de-de/partners/technology-partners/aws/","GitLab on AWS",{"text":378,"config":379},"GitLab auf Google Cloud",{"href":380,"dataGaName":381,"dataGaLocation":359},"/de-de/partners/technology-partners/google-cloud-platform/","GitLab on Google Cloud",{"text":383,"config":384},"Warum GitLab?",{"href":69,"dataGaName":385,"dataGaLocation":359},"Why GitLab?",{"freeTrial":387,"mobileIcon":392,"desktopIcon":397,"secondaryButton":400},{"text":388,"config":389},"Kostenlos testen",{"href":390,"dataGaName":32,"dataGaLocation":391},"https://gitlab.com/-/trials/new/","nav",{"altText":393,"config":394},"GitLab-Symbol",{"src":395,"dataGaName":396,"dataGaLocation":391},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":393,"config":398},{"src":399,"dataGaName":396,"dataGaLocation":391},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":181,"config":401},{"href":402,"dataGaName":403,"dataGaLocation":391},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/de-de/get-started/","get started",{"freeTrial":405,"mobileIcon":409,"desktopIcon":411},{"text":406,"config":407},"Erfahre mehr über GitLab Duo",{"href":61,"dataGaName":408,"dataGaLocation":391},"gitlab duo",{"altText":393,"config":410},{"src":395,"dataGaName":396,"dataGaLocation":391},{"altText":393,"config":412},{"src":399,"dataGaName":396,"dataGaLocation":391},{"freeTrial":414,"mobileIcon":419,"desktopIcon":421},{"text":415,"config":416},"Zurück zur Preisübersicht",{"href":169,"dataGaName":417,"dataGaLocation":391,"icon":418},"back to pricing","GoBack",{"altText":393,"config":420},{"src":395,"dataGaName":396,"dataGaLocation":391},{"altText":393,"config":422},{"src":399,"dataGaName":396,"dataGaLocation":391},{"title":424,"button":425,"config":430},"Sieh dir an, wie agentische KI die Softwarebereitstellung transformiert",{"text":426,"config":427},"GitLab Transcend jetzt ansehen",{"href":428,"dataGaName":429,"dataGaLocation":27},"/de-de/events/transcend/virtual/","transcend event",{"layout":431,"icon":432,"disabled":15},"release","AiStar",{"data":434},{"text":435,"source":436,"edit":442,"contribute":447,"config":452,"items":457,"minimal":630},"Git ist eine Marke von Software Freedom Conservancy und unsere Verwendung von „GitLab“ erfolgt unter Lizenz.",{"text":437,"config":438},"Quelltext der Seite anzeigen",{"href":439,"dataGaName":440,"dataGaLocation":441},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":443,"config":444},"Diese Seite bearbeiten",{"href":445,"dataGaName":446,"dataGaLocation":441},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":448,"config":449},"Beteilige dich",{"href":450,"dataGaName":451,"dataGaLocation":441},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":453,"facebook":454,"youtube":455,"linkedin":456},"https://x.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[458,481,536,563,597],{"title":45,"links":459,"subMenu":464},[460],{"text":461,"config":462},"DevSecOps-Plattform",{"href":54,"dataGaName":463,"dataGaLocation":441},"devsecops platform",[465],{"title":167,"links":466},[467,471,476],{"text":468,"config":469},"Tarife anzeigen",{"href":169,"dataGaName":470,"dataGaLocation":441},"view plans",{"text":472,"config":473},"Vorteile von Premium",{"href":474,"dataGaName":475,"dataGaLocation":441},"/de-de/pricing/premium/","why premium",{"text":477,"config":478},"Vorteile von Ultimate",{"href":479,"dataGaName":480,"dataGaLocation":441},"/de-de/pricing/ultimate/","why ultimate",{"title":482,"links":483},"Lösungen",[484,489,492,494,499,504,508,511,514,519,521,523,526,531],{"text":485,"config":486},"Digitale Transformation",{"href":487,"dataGaName":488,"dataGaLocation":441},"/de-de/topics/digital-transformation/","digital transformation",{"text":490,"config":491},"Sicherheit und Compliance",{"href":109,"dataGaName":116,"dataGaLocation":441},{"text":102,"config":493},{"href":86,"dataGaName":87,"dataGaLocation":441},{"text":495,"config":496},"Agile Entwicklung",{"href":497,"dataGaName":498,"dataGaLocation":441},"/de-de/solutions/agile-delivery/","agile delivery",{"text":500,"config":501},"Cloud-Transformation",{"href":502,"dataGaName":503,"dataGaLocation":441},"/de-de/topics/cloud-native/","cloud transformation",{"text":505,"config":506},"SCM",{"href":99,"dataGaName":507,"dataGaLocation":441},"source code management",{"text":90,"config":509},{"href":92,"dataGaName":510,"dataGaLocation":441},"continuous integration & delivery",{"text":139,"config":512},{"href":141,"dataGaName":513,"dataGaLocation":441},"value stream management",{"text":515,"config":516},"GitOps",{"href":517,"dataGaName":518,"dataGaLocation":441},"/de-de/solutions/gitops/","gitops",{"text":152,"config":520},{"href":154,"dataGaName":155,"dataGaLocation":441},{"text":157,"config":522},{"href":159,"dataGaName":160,"dataGaLocation":441},{"text":524,"config":525},"Öffentlicher Sektor",{"href":164,"dataGaName":165,"dataGaLocation":441},{"text":527,"config":528},"Bildungswesen",{"href":529,"dataGaName":530,"dataGaLocation":441},"/de-de/solutions/education/","education",{"text":532,"config":533},"Finanzdienstleistungen",{"href":534,"dataGaName":535,"dataGaLocation":441},"/de-de/solutions/finance/","financial services",{"title":172,"links":537},[538,540,542,544,547,549,551,553,555,557,559,561],{"text":184,"config":539},{"href":186,"dataGaName":187,"dataGaLocation":441},{"text":189,"config":541},{"href":191,"dataGaName":192,"dataGaLocation":441},{"text":194,"config":543},{"href":196,"dataGaName":197,"dataGaLocation":441},{"text":199,"config":545},{"href":201,"dataGaName":546,"dataGaLocation":441},"docs",{"text":222,"config":548},{"href":224,"dataGaName":225,"dataGaLocation":441},{"text":217,"config":550},{"href":219,"dataGaName":220,"dataGaLocation":441},{"text":227,"config":552},{"href":229,"dataGaName":230,"dataGaLocation":441},{"text":235,"config":554},{"href":237,"dataGaName":238,"dataGaLocation":441},{"text":240,"config":556},{"href":242,"dataGaName":243,"dataGaLocation":441},{"text":245,"config":558},{"href":247,"dataGaName":248,"dataGaLocation":441},{"text":250,"config":560},{"href":252,"dataGaName":253,"dataGaLocation":441},{"text":255,"config":562},{"href":257,"dataGaName":258,"dataGaLocation":441},{"title":273,"links":564},[565,567,569,571,573,575,577,581,586,588,590,592],{"text":280,"config":566},{"href":282,"dataGaName":275,"dataGaLocation":441},{"text":285,"config":568},{"href":287,"dataGaName":288,"dataGaLocation":441},{"text":293,"config":570},{"href":295,"dataGaName":296,"dataGaLocation":441},{"text":298,"config":572},{"href":300,"dataGaName":301,"dataGaLocation":441},{"text":303,"config":574},{"href":305,"dataGaName":306,"dataGaLocation":441},{"text":308,"config":576},{"href":310,"dataGaName":311,"dataGaLocation":441},{"text":578,"config":579},"Sustainability",{"href":580,"dataGaName":578,"dataGaLocation":441},"/sustainability/",{"text":582,"config":583},"Vielfalt, Inklusion und Zugehörigkeit",{"href":584,"dataGaName":585,"dataGaLocation":441},"/de-de/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":313,"config":587},{"href":315,"dataGaName":316,"dataGaLocation":441},{"text":323,"config":589},{"href":325,"dataGaName":326,"dataGaLocation":441},{"text":328,"config":591},{"href":330,"dataGaName":331,"dataGaLocation":441},{"text":593,"config":594},"Transparenzerklärung zu moderner Sklaverei",{"href":595,"dataGaName":596,"dataGaLocation":441},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"title":598,"links":599},"Nimm Kontakt auf",[600,603,608,610,615,620,625],{"text":601,"config":602},"Sprich mit einem Experten/einer Expertin",{"href":36,"dataGaName":37,"dataGaLocation":441},{"text":604,"config":605},"Support",{"href":606,"dataGaName":607,"dataGaLocation":441},"https://support.gitlab.com/hc/en-us/articles/11626483177756-GitLab-Support","get help",{"text":347,"config":609},{"href":349,"dataGaName":350,"dataGaLocation":441},{"text":611,"config":612},"Status",{"href":613,"dataGaName":614,"dataGaLocation":441},"https://status.gitlab.com/","status",{"text":616,"config":617},"Nutzungsbedingungen",{"href":618,"dataGaName":619,"dataGaLocation":441},"/terms/","terms of use",{"text":621,"config":622},"Datenschutzerklärung",{"href":623,"dataGaName":624,"dataGaLocation":441},"/de-de/privacy/","privacy statement",{"text":626,"config":627},"Cookie-Einstellungen",{"dataGaName":628,"dataGaLocation":441,"id":629,"isOneTrustButton":15},"cookie preferences","ot-sdk-btn",{"items":631},[632,634,636],{"text":616,"config":633},{"href":618,"dataGaName":619,"dataGaLocation":441},{"text":621,"config":635},{"href":623,"dataGaName":624,"dataGaLocation":441},{"text":626,"config":637},{"dataGaName":628,"dataGaLocation":441,"id":629,"isOneTrustButton":15},45,{"id":640,"title":641,"authorSlugs":642,"body":6,"categorySlug":9,"config":644,"content":647,"description":6,"extension":13,"isFeatured":10,"meta":658,"navigation":15,"path":659,"publishedDate":653,"seo":660,"stem":662,"tagSlugs":663,"__hash__":664},"blogPosts/de-de/blog/gitlab-18-10-brings-ai-native-triage-and-remediation.yml","Gitlab 18 10 Brings Ai Native Triage And Remediation",[643],"alisa-ho",{"featured":10,"template":645,"slug":646},"BlogPost","gitlab-18-10-brings-ai-native-triage-and-remediation",{"title":648,"description":649,"authors":650,"heroImage":652,"date":653,"body":654,"category":9,"tags":655},"GitLab 18.10 bringt KI-native Triage und Behebung","Erfahre mehr über die Funktionen von GitLab Duo Agent Platform, die Rauschen reduzieren, echte Schwachstellen identifizieren und Ergebnisse in Lösungsvorschläge umwandeln.",[651],"Alisa Ho","https://res.cloudinary.com/about-gitlab-com/image/upload/v1773843921/rm35fx4gylrsu9alf2fx.png","2026-03-19","GitLab 18.10 führt neue KI-basierte Sicherheitsfunktionen ein, die auf die Verbesserung der Qualität und Geschwindigkeit des Schwachstellenmanagements ausgerichtet sind. Zusammen tragen diese Funktionen dazu bei, den Zeitaufwand für die Untersuchung von False Positives zu reduzieren und automatisierte Abhilfe direkt in den Workflow zu integrieren – so lassen sich Schwachstellen auch ohne tiefgreifende Sicherheitsexpertise beheben.\n\nDas ist neu:\n\n* [**Erkennung von False Positives bei statischen Anwendungssicherheitstests (SAST)**](https://docs.gitlab.com/user/application_security/vulnerabilities/false_positive_detection/) **ist jetzt allgemein verfügbar.** Dieser Flow nutzt ein LLM für agentisches Reasoning, um die Wahrscheinlichkeit zu bestimmen, ob eine Schwachstelle ein False Positive ist oder nicht. So können sich Sicherheits- und Entwicklungsteams zuerst auf die Behebung kritischer Schwachstellen konzentrieren.\n* [**Agentische SAST-Schwachstellenbehebung**](https://docs.gitlab.com/user/application_security/vulnerabilities/agentic_vulnerability_resolution/) **ist jetzt als Beta verfügbar.** Die agentische SAST-Schwachstellenbehebung erstellt automatisch einen Merge Request mit einem Lösungsvorschlag für verifizierte SAST-Schwachstellen. Das verkürzt die Zeit bis zur Behebung und reduziert den Bedarf an tiefgreifender Sicherheitsexpertise.\n* [**Erkennung von False Positives bei Geheimnissen**](https://docs.gitlab.com/user/application_security/vulnerabilities/secret_false_positive_detection/) **ist jetzt als Beta verfügbar.** Dieser Flow bringt die gleiche KI-basierte Rauschreduzierung in die Erkennung von Geheimnissen und kennzeichnet Dummy- und Test-Geheimnisse, um den Prüfaufwand zu verringern.\n\nDiese Flows stehen Kund(inn)en von GitLab Ultimate zur Verfügung, die GitLab Duo Agent Platform nutzen.\n\n## Triage-Zeit mit SAST-False-Positive-Erkennung verkürzen\n\nHerkömmliche SAST-Scanner kennzeichnen jedes verdächtige Codemuster, das sie finden – unabhängig davon, ob Codepfade erreichbar sind oder Frameworks das Risiko bereits abfangen. Ohne Laufzeitkontext können sie eine echte Schwachstelle nicht von sicherem Code unterscheiden, der lediglich gefährlich aussieht.\n\nDas bedeutet, dass Entwickler(innen) möglicherweise Stunden damit verbringen, Ergebnisse zu untersuchen, die sich als False Positives herausstellen. Mit der Zeit kann das das Vertrauen in den Bericht untergraben und die Teams verlangsamen, die für die Behebung echter Risiken verantwortlich sind.\n\nNach jedem SAST-Scan analysiert GitLab Duo Agent Platform automatisch neue kritische und hochgradig schwerwiegende Ergebnisse und fügt Folgendes hinzu:\n\n* Einen Konfidenzwert, der angibt, wie wahrscheinlich es ist, dass das Ergebnis ein False Positive ist\n* Eine KI-generierte Erklärung mit der Begründung\n* Ein visuelles Badge, das „Wahrscheinlich False Positive“ und „Wahrscheinlich echt“ in der UI leicht erkennbar macht\n\nDiese Ergebnisse erscheinen im [Sicherheitslückenbericht](https://docs.gitlab.com/user/application_security/vulnerability_report/), wie unten dargestellt. Der Bericht lässt sich filtern, um sich auf Ergebnisse zu konzentrieren, die als „Kein False Positive“ markiert sind. So können Teams ihre Zeit für die Behebung echter Schwachstellen nutzen, anstatt Rauschen zu sichten.\n\n![Sicherheitslückenbericht](https://res.cloudinary.com/about-gitlab-com/image/upload/v1773844787/i0eod01p7gawflllkgsr.png)\n\n\nDie Bewertung von GitLab Duo Agent Platform ist eine Empfehlung. Die Kontrolle über jedes False Positive bleibt erhalten, und die Begründung des Agenten kann jederzeit überprüft werden, um Vertrauen in das Modell aufzubauen.\n\n\n## Schwachstellen in automatisierte Fixes umwandeln\n\nZu wissen, dass eine Schwachstelle echt ist, ist nur die halbe Arbeit. Die Behebung erfordert weiterhin das Verständnis des Codepfads, das Schreiben eines sicheren Patches und die Sicherstellung, dass nichts anderes beeinträchtigt wird.\n\nWenn die Schwachstelle durch den SAST-False-Positive-Erkennungsflow als wahrscheinlich kein False Positive identifiziert wird, führt der agentische SAST-Schwachstellenbehebungsflow automatisch folgende Schritte aus:\n\n1. Liest den anfälligen Code und den umgebenden Kontext aus dem Repository\n2. Generiert hochwertige Lösungsvorschläge\n3. Validiert die Fixes durch automatisierte Tests\n4. Öffnet einen Merge Request mit einem Lösungsvorschlag, der Folgendes enthält:\n   * Konkrete Codeänderungen\n   * Einen Konfidenzwert\n   * Eine Erklärung, was geändert wurde und warum\n\nIn dieser Demo siehst du, wie GitLab eine SAST-Schwachstelle automatisch vom Erkennen bis hin zu einem prüfbereiten Merge Request verarbeiten kann. Beobachte, wie der Agent den Code liest, einen Fix generiert und validiert und einen MR mit klaren, nachvollziehbaren Änderungen öffnet – damit Entwickler(innen) schneller beheben können, ohne Sicherheitsexpert(inn)en sein zu müssen.\n\n\u003Ciframe src=\"https://player.vimeo.com/video/1174573325?badge=0&autopause=0&player_id=0&app_id=58479\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" style=\"position:absolute;top:0;left:0;width:100%;height:100%;\" title=\"GitLab 18.10 AI SAST False Positive Auto Remediation\">\u003C/iframe>\u003Cscript src=\"https://player.vimeo.com/api/player.js\">\u003C/script>\n\nWie bei jedem KI-generierten Vorschlag sollte der vorgeschlagene Merge Request vor dem Zusammenführen sorgfältig geprüft werden.\n\n## Echte Geheimnisse identifizieren\n\nDie Erkennung von Geheimnissen ist nur dann nützlich, wenn Teams den Ergebnissen vertrauen. Wenn Berichte voller Test-Zugangsdaten, Platzhalterwerte und Beispiel-Token sind, verschwenden Entwickler(innen) möglicherweise Zeit mit der Überprüfung von Rauschen, anstatt echte Sicherheitslücken zu beheben. Das kann die Behebung verlangsamen und das Vertrauen in den Scan verringern.\n\nDie False-Positive-Erkennung bei Geheimnissen hilft Teams, sich auf die relevanten Geheimnisse zu konzentrieren und Risiken schneller zu reduzieren. Bei der Ausführung auf dem Standard-Branch werden automatisch folgende Schritte durchgeführt:\n\n1. Jedes Ergebnis wird analysiert, um wahrscheinliche Test-Zugangsdaten, Beispielwerte und Dummy-Geheimnisse zu identifizieren\n2. Ein Konfidenzwert wird zugewiesen, ob das Ergebnis ein echtes Risiko oder wahrscheinlich ein False Positive ist\n3. Eine Erklärung wird generiert, warum das Geheimnis als echt oder als Rauschen eingestuft wird\n4. Ein Badge wird im Sicherheitslückenbericht hinzugefügt, damit Entwickler(innen) den Status auf einen Blick erkennen können\n\nEntwickler(innen) können diese Analyse auch manuell über den Sicherheitslückenbericht auslösen, indem sie bei einem Ergebnis der Geheimniserkennung **„Auf False Positive prüfen“** auswählen. So lassen sich Ergebnisse ohne Risiko aussortieren und echte Geheimnisse schneller adressieren.\n\n## KI-basierte Sicherheit jetzt testen\n\nGitLab 18.10 führt Funktionen ein, die den gesamten Schwachstellen-Workflow abdecken – von der Reduzierung von False-Positive-Rauschen bei SAST und der Erkennung von Geheimnissen bis hin zur automatischen Generierung von Merge Requests mit Lösungsvorschlägen.\n\nUm zu erfahren, wie KI-basierte Sicherheit die Prüfzeit verkürzen und Ergebnisse in zusammenführbare Fixes umwandeln kann, [starte jetzt eine kostenlose Testversion von GitLab Duo Agent Platform](https://about.gitlab.com/de-de/gitlab-duo-agent-platform/).",[656,9,657],"product","features",{},"/de-de/blog/gitlab-18-10-brings-ai-native-triage-and-remediation",{"config":661,"title":648,"description":649},{"noIndex":10},"de-de/blog/gitlab-18-10-brings-ai-native-triage-and-remediation",[656,9,657],"bnqjQ_n0lC9niyC56zVWz6UtmaMIfZ0IKb5ExgtftdQ",[666,675,684,694,703,711,720,728,736],{"content":667,"config":673},{"title":668,"heroImage":669,"category":9,"description":670,"authors":671},"Schnellere und präzisere Scans mit GitLab Advanced SAST","https://res.cloudinary.com/about-gitlab-com/image/upload/v1759320418/xjmqcozxzt4frx0hori3.png","Neue Verbesserungen in GitLab 18.5 erhöhen Genauigkeit und Geschwindigkeit von Advanced SAST für bessere Workflows.",[672],"Salman Ladha",{"externalUrl":-1,"slug":674},"delivering-faster-and-smarter-scans-with-advanced-sast",{"content":676,"config":682},{"title":677,"heroImage":678,"category":9,"description":679,"authors":680},"Systematische Anwendungssicherheit mit GitLab DAST: Compliance-Framework für deutsche Unternehmen","https://res.cloudinary.com/about-gitlab-com/image/upload/v1756122536/akivvcnafog9c4dhhzkp.png","Wie Dynamic Application Security Testing (DAST) deutschen Unternehmen bei der systematischen Implementierung von Sicherheits-Governance und Compliance-Automation hilft.",[681],"Fernando Diaz",{"externalUrl":-1,"slug":683},"comprehensive-guide-to-gitlab-dast",{"content":685,"config":692},{"title":686,"heroImage":687,"category":9,"description":688,"authors":689},"Leitfaden für das Entwickeln sicherer Retail-Apps mit GitLab","https://res.cloudinary.com/about-gitlab-com/image/upload/v1756989645/fojzxakmfdea6jfqjkrl.png","So hilft die DevSecOps-Plattform Händlern bei der Entwicklung sicherer, konformer Software für komplexe Retail-Umgebungen.",[690,691],"Itzik Gan Baruch","Rebeca Fenoy-Anthony",{"externalUrl":-1,"slug":693},"a-developers-guide-to-building-secure-retail-apps-with-gitlab",{"content":695,"config":701},{"title":696,"heroImage":697,"category":9,"description":698,"authors":699},"GitLab deckt Bittensor-Diebstahlkampagne über PyPI auf","https://res.cloudinary.com/about-gitlab-com/image/upload/f_auto,q_auto,c_lfill/v1750098739/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_282096522_securitycompliance.jpeg_1750098739024.jpg","Das Vulnerability Research Team von GitLab identifizierte eine Supply-Chain-Angriffskampagne, die Typosquatting-PyPI-Pakete verwendet, um Kryptowährung aus Bittensor-Wallets durch Manipulation von Staking-Operationen zu stehlen.",[700],"Michael Henriksen",{"externalUrl":-1,"slug":702},"gitlab-uncovers-bittensor-theft-campaign-via-pypi",{"content":704,"config":709},{"title":705,"heroImage":706,"category":9,"description":707,"authors":708},"Warum Organisationen bei der Software Supply Chain Security kämpfen","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097701/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%285%29_1iy516k40hwBDChKcUJ2zb_1750097700983.png","Der erste Teil dieser Serie behandelt die wichtigsten Herausforderungen, praktische Lösungsansätze und aktuelle Trends wie KI – Wissen, das jedes Entwicklungsteam braucht.",[690],{"externalUrl":-1,"slug":710},"software-supply-chain-security-guide-why-organizations-struggle",{"content":712,"config":718},{"title":713,"heroImage":714,"category":9,"description":715,"authors":716},"Wie du das Management von Compliance-Beobachtungen mit GitLab transformierst","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749675154/Blog/Hero%20Images/blog-image-template-1800x945__8_.png","Erfahre, wie das Security-Compliance-Team von GitLab das Beobachtungsmanagement mithilfe der DevSecOps-Plattform verbessert hat und dabei Transparenz, Zusammenarbeit und Verantwortlichkeit gesteigert hat.",[717],"Madeline Lake",{"externalUrl":-1,"slug":719},"how-to-transform-compliance-observation-management-with-gitlab",{"content":721,"config":726},{"title":722,"heroImage":723,"category":9,"description":724,"authors":725},"Die Sichtbarkeitslücke in der Software Supply Chain Security schließen","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749661926/Blog/Hero%20Images/security-patch-blog-image-r2-0506-700x400-fy25_2x.jpg","GitLab 18.2 bietet Unterstützung für umfassende Scanner-Abdeckung und Visualisierung transitiver Abhängigkeiten.",[672],{"externalUrl":-1,"slug":727},"bridging-the-visibility-gap-in-software-supply-chain-security",{"content":729,"config":734},{"title":730,"heroImage":731,"category":9,"description":732,"authors":733},"GitLab entdeckt MongoDB Go-Modul Supply-Chain-Angriff","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098739/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_282096522_securitycompliance.jpeg_1750098739024.jpg","Erfahre, wie GitLab einen Supply-Chain-Angriff aufgedeckt hat, der Go-Entwickler(innen) durch gefälschte MongoDB-Treiber ins Visier nahm, die persistente Backdoor-Malware bereitstellen.",[700],{"externalUrl":-1,"slug":735},"gitlab-catches-mongodb-go-module-supply-chain-attack",{"content":737,"config":743},{"title":738,"heroImage":739,"category":9,"description":740,"authors":741},"Letztes Jahr haben wir das Secure by Design-Versprechen unterzeichnet – hier ist unser Fortschritt","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659684/Blog/Hero%20Images/AdobeStock_479904468__1_.jpg","Erfahre mehr über GitLabs CISA-konforme Erweiterungen und Verbesserungen bei MFA, Reduzierung von Standardpasswörtern, Patches und Offenlegung von Schwachstellen.",[742],"Joseph Longo",{"externalUrl":-1,"slug":744},"last-year-we-signed-the-secure-by-design-pledge-heres-our-progress",1776444542083]