[{"data":1,"prerenderedAt":1138},["ShallowReactive",2],{"/de-de/blog/security-configuration-profiles":3,"navigation-de-de":371,"banner-de-de":791,"footer-de-de":800,"blog-post-authors-de-de-Michael Omokoh":1039,"blog-related-posts-de-de-security-configuration-profiles":1053,"blog-promotions-de-de":1076,"next-steps-de-de":1128},{"id":4,"title":5,"authors":6,"body":8,"category":352,"date":353,"description":354,"extension":355,"externalUrl":356,"featured":357,"heroImage":358,"meta":359,"navigation":357,"path":360,"seo":361,"slug":364,"stem":365,"tags":366,"template":369,"updatedDate":356,"__hash__":370},"blogPosts/de-de/blog/security-configuration-profiles.md","Vollständige Security-Scanner-Abdeckung der Codebase in Minuten",[7],"Michael Omokoh",{"type":9,"value":10,"toc":341},"minimark",[11,15,25,28,41,46,49,57,60,64,70,78,82,85,92,98,105,109,112,124,132,140,148,152,155,186,193,196,206,218,222,233,259,267,286,294,306,310],[12,13,14],"p",{},"Die gesamte Branche steht vor derselben Herausforderung: Mit wachsenden\nOrganisationen wird die manuelle Konfiguration von Scannern für jede\nPipeline-Definitionsdatei nicht mehr skalierbar. KI beschleunigt das Tempo,\nmit dem Teams Code ausliefern – und damit entstehen mehr Projekte, mehr\nPipelines und mehr Angriffsfläche, die abgesichert werden muss. Was als\nbewusste Sicherheitsentscheidung begann, wird zu geerbter Konfiguration, der\nniemand mehr gehört, nie nachgefüllter Abdeckung und Lücken, die unsichtbar\nbleiben, bis sie es nicht mehr sind.",[12,16,17,18,24],{},"Security-Teams müssen Scanner skaliert einsetzen, nicht Projekt für Projekt\nmit manuellen YAML-Dateien. Ein\n",[19,20,23],"a",{"href":21,"rel":22},"https://docs.gitlab.com/user/application_security/configuration/security_configuration_profiles/",[],"Security Configuration Profile","\nist eine zentrale Einstellung in der UI, über die Security-Teams festlegen,\nwie und wann Security-Scanner über Projekte hinweg laufen – ohne Scanner\nmanuell in Pipeline-Definitionsdateien zu konfigurieren. Mit GitLab 19.0\nlassen sich über Security Configuration Profiles Static Application Security\nTesting (SAST), Dependency Scanning und Secret Detection über alle Projekte\nhinweg vom ersten Tag an aktivieren.",[12,26,27],{},"Das folgende Video demonstriert Security Configuration Profiles:",[29,30,33,34],"figure",{"className":31},[32],"video_container","\n  ",[35,36,40],"iframe",{"src":37,"frameBorder":38,"allowFullScreen":39},"https://www.youtube.com/embed/QbnLGzTEqGI?si=R1xO3Dlpj8JaFxsg","0","true"," ",[42,43,45],"h2",{"id":44},"manuelle-aktivierung-kann-mit-ki-getriebenem-code-tempo-nicht-mithalten","Manuelle Aktivierung kann mit KI-getriebenem Code-Tempo nicht mithalten",[12,47,48],{},"Im kleinen Maßstab ist die manuelle Scanner-Konfiguration pro Projekt\nhandhabbar. Ein Team, eine Handvoll Repositories, ein Security-Engineer, der\nweiß, wo alles liegt. Das Modell wird schwieriger zu pflegen, wenn\nOrganisationen Teams und Projekte hinzufügen – und KI vergrößert die Lücke\nzwischen Code-Tempo und Security-Abdeckung täglich weiter.",[12,50,51,52,56],{},"Die Drift zeigt sich auf bekannte Weisen. Teams kopieren Scanner-Konfiguration\naus der nächstbesten Quelle, sodass SAST im Backend-Service mit einem\nRegelwerk läuft und im Frontend mit einem anderen. Dependency Scanning wird\nneuen Projekten hinzugefügt, aber nie für ältere nachgerüstet. Jemand\naktualisiert eine ",[53,54,55],"code",{},".gitlab-ci.yml","-Datei, um ein Pipeline-Problem zu beheben,\nund ein Scanner fällt dabei heraus.",[12,58,59],{},"Ohne eine zentrale Übersicht ergeben individuelle Entscheidungen über\nScanner-Abdeckung selten eine konsistente Security-Posture über eine\nOrganisation hinweg.",[42,61,63],{"id":62},"was-sind-security-configuration-profiles","Was sind Security Configuration Profiles?",[12,65,66,67,69],{},"Ein Security Configuration Profile ist eine zentrale Gruppe von Einstellungen,\ndie festlegt, wie und wann ein Security-Scanner über Projekte hinweg läuft.\nStatt SAST, Secret Detection oder Dependency Scanning einzeln in der\n",[53,68,55],{}," jedes Projekts zu konfigurieren, wird ein Profil einmalig\nauf Group-Ebene definiert und in einer Aktion auf beliebig viele Projekte\nangewendet.",[12,71,72,73,77],{},"GitLab liefert Standardprofile für jeden Scanner: vorkonfigurierte\nEinstellungen, die Best Practices widerspiegeln – damit das Scanning über\nProjekte hinweg in Minuten läuft, ohne eine Zeile YAML zu schreiben. Alle\ntechnischen Details sind in der\n",[19,74,76],{"href":21,"rel":75},[],"Security-Configuration-Profiles-Dokumentation","\nzu finden.",[42,79,81],{"id":80},"wie-profile-funktionieren-scan-trigger-und-abdeckung","Wie Profile funktionieren: Scan-Trigger und Abdeckung",[12,83,84],{},"Jedes Standardprofil aktiviert eine Reihe von Scan-Triggern, die festlegen,\nwann das Scanning läuft. Für SAST und Dependency Scanning gelten zwei Trigger.",[12,86,87,91],{},[88,89,90],"strong",{},"Merge-Request-Pipelines."," Ein Scan läuft automatisch, wenn neue Commits\nin einen Branch mit einem offenen Merge Request gepusht werden. Ergebnisse\nsind auf Schwachstellen beschränkt, die durch diesen Merge Request eingeführt\nwurden – Entwicklungsteams erhalten fokussiertes, umsetzbares Feedback ohne\nRauschen durch bereits bestehende Probleme.",[12,93,94,97],{},[88,95,96],{},"Branch-Pipelines (nur Default Branch)."," Ein Scan läuft automatisch, wenn\nÄnderungen in den Default Branch gemergt oder gepusht werden – damit haben\nSecurity-Teams jederzeit ein vollständiges Bild der Security-Posture des\nDefault Branch.",[12,99,100,101,104],{},"Secret Detection umfasst beide Trigger und fügt einen dritten hinzu: Push\nProtection. Statt auf eine Pipeline zu warten, fängt Push Protection Secrets\nin Echtzeit während des ",[53,102,103],{},"git push","-Prozesses ab und blockiert den Push, bevor\ndas Secret die Codebase erreicht. Da es ereignisbasiert und nicht\npipeline-basiert ist, ist kein Scan-Datum im Security Inventory daran\nangehängt.",[42,106,108],{"id":107},"anwendungsfälle","Anwendungsfälle",[12,110,111],{},"Vier Praxisszenarien, in denen Security Configuration Profiles Wirkung zeigen:",[12,113,114,117,120,121,123],{},[88,115,116],{},"Abdeckung über eine große Group standardisieren",[118,119],"br",{},"\nEin Platform-Security-Team verwaltet Hunderte von Projekten über Dutzende\nvon Subgroups. Das Security Inventory gibt ihnen eine einzige Übersicht über\ndie Scanner-Abdeckung in allen Projekten – einschließlich welche SAST nutzen,\nwelche nicht und welche fehlerhafte Scans haben. Über dieses Dashboard wählt\ndas Team alle Projekte aus und wendet die Standardprofile in einer\nBulk-Aktion an. Jedes Projekt läuft jetzt SAST, Secret Detection und\nDependency Scanning auf Merge-Request- und Branch-Pipelines – ohne eine\neinzige ",[53,122,55],{},"-Änderung.",[12,125,126,129,131],{},[88,127,128],{},"Schwachstelle auf Code-Ebene abfangen, bevor sie ausgeliefert wird",[118,130],{},"\nEin Entwickler in einem schnell agierenden Team führt ein unsicheres\nDeserialisierungsmuster ein, während er einen neuen API-Endpunkt baut.\nKein Vorsatz – nur ein Fehler unter Zeitdruck. Mit angewendetem SAST-Profil\nläuft ein Scan automatisch, wenn das Team Commits in den Merge-Request-Branch\npusht. Die Schwachstelle wird markiert, bevor der Merge Request genehmigt\nwird – zu einem Zeitpunkt, an dem ein Entwickler eine Stunde für den Fix\nbraucht statt Tage Incident-Response danach.",[12,133,134,137,139],{},[88,135,136],{},"Kompromittierte Abhängigkeit abfangen, bevor sie die Produktion erreicht",[118,138],{},"\nEin Entwickler aktualisiert eine Abhängigkeit im Lockfile. Die neue Version\neines weit verbreiteten Pakets wurde kompromittiert und enthält einen\nbösartigen Payload. Dependency Scanning läuft automatisch auf der\nMerge-Request-Pipeline und markiert die kompromittierte Version, bevor der\nBranch gemergt wird. Die Meldung erfolgt am Punkt der Änderung – nicht\nnachdem das Paket auf Build-Servern und in Produktionsumgebungen installiert\nwurde.",[12,141,142,145,147],{},[88,143,144],{},"Secrets abfangen, bevor sie landen",[118,146],{},"\nEin Entwickler fügt versehentlich einen API-Key in einen Commit ein, während\ner ein Pipeline-Problem debuggt. Ein häufiger Fehler, der in einem geschäftigen\nTeam tagelang unbemerkt bleiben kann. Mit angewendetem Secret-Detection-Profil\nfängt Push Protection den Push in Echtzeit ab und blockiert ihn, bevor das\nSecret das Repository erreicht. Der Entwickler erhält sofortiges Feedback am\nPunkt des Fehlers – kein Security-Report, kein Incident-Ticket, keine\nCredential-Rotation erforderlich.",[42,149,151],{"id":150},"erste-schritte-von-null-zu-vollständiger-abdeckung-in-minuten","Erste Schritte: Von null zu vollständiger Abdeckung in Minuten",[12,153,154],{},"Security Configuration Profiles sind jetzt auf GitLab Ultimate für GitLab.com,\nGitLab Self-Managed und GitLab Dedicated verfügbar. So werden Standardprofile\nauf Projekte angewendet:",[156,157,158,166,169,180],"ol",{},[159,160,161,162,165],"li",{},"Für die Group zu ",[88,163,164],{},"Secure > Security Inventory"," navigieren.",[159,167,168],{},"Die gewünschten Projekte auswählen oder alle markieren.",[159,170,171,172,175,176,179],{},"Im Dropdown ",[88,173,174],{},"Bulk Action"," die Option ",[88,177,178],{},"Manage security scanners"," wählen.",[159,181,182,185],{},[88,183,184],{},"Apply default profile to all"," auswählen.",[12,187,188,189,192],{},"Zum Überprüfen des Abdeckungsstatus nach der Profil-Anwendung zurück zum\nSecurity Inventory und die Spalte ",[88,190,191],{},"Tool Coverage"," prüfen. Ein durchgehend\ngrüner Balken zeigt, dass der Scanner vollständig aktiv ist. Ein teilweise\ngefüllter Balken bedeutet, dass einige Trigger aktiv sind, andere nicht. Ein\ngrauer Balken zeigt an, dass der Scanner noch nicht konfiguriert ist.",[12,194,195],{},"Für die vollständigen technischen Details eines Profils – einschließlich\nScan-Triggern und aktuellem Status – den Profilnamen im Security Inventory\nauswählen.",[12,197,198,199,201,202,205],{},"Wenn Projekte bereits Scanner-Konfiguration in ",[53,200,55],{}," haben: Profil-\nund Legacy-Konfiguration können nebeneinander existieren, aber der\nSecurity-Inventory-Tooltip spiegelt den kombinierten Status während des\nÜbergangs möglicherweise nicht korrekt wider. Für die genaueste Ansicht des\naktuellen Profilstatus die Security-Configuration-Seite des einzelnen Projekts\nprüfen. Weitere Details in der\n",[19,203,76],{"href":21,"rel":204},[],".",[207,208,209],"blockquote",{},[12,210,211,212,217],{},"Noch kein GitLab Ultimate?\n",[19,213,216],{"href":214,"rel":215},"https://gitlab.com/-/trial_registrations/new",[],"Kostenlose Testversion starten","\nund SAST, Secret Detection und Dependency Scanning über alle Projekte in\nMinuten aktivieren.",[42,219,221],{"id":220},"faq","FAQ",[12,223,224,227,229,230,232],{},[88,225,226],{},"Was ist ein Security Configuration Profile?",[118,228],{},"\nEin Security Configuration Profile ist eine zentrale Gruppe von Einstellungen,\ndie festlegt, wie und wann ein Security-Scanner über Projekte hinweg läuft.\nStatt Scanner manuell in der ",[53,231,55],{}," jedes Projekts zu konfigurieren,\nwird ein Profil einmalig angewendet und deckt jedes Projekt in der Group ab.",[12,234,235,238,240,241,246,247,252,253,258],{},[88,236,237],{},"Welche Scanner haben Standardprofile in GitLab 19.0?",[118,239],{},"\nGitLab 19.0 vervollständigt den ersten Satz von Standardprofilen und fügt\n",[19,242,245],{"href":243,"rel":244},"https://docs.gitlab.com/releases/19/gitlab-19-0-released/#dependency-scanning-in-security-configuration-profiles",[],"Dependency Scanning","\nneben dem seit 18.9 ausgebauten\n",[19,248,251],{"href":249,"rel":250},"https://docs.gitlab.com/releases/18/gitlab-18-10-released/#pipeline-secret-detection-in-security-configuration-profiles",[],"Secret-Detection-Profil","\nund dem in 18.11 eingeführten\n",[19,254,257],{"href":255,"rel":256},"https://docs.gitlab.com/releases/18/gitlab-18-11-released/#sast-scanning-in-security-configuration-profiles",[],"SAST-Profil","\nhinzu. Jedes Profil aktiviert einen empfohlenen Satz von Scan-Triggern ohne\nmanuelle Konfiguration.",[12,260,261,264,266],{},[88,262,263],{},"Welche Scan-Trigger aktiviert jedes Profil?",[118,265],{},"\nDas Secret-Detection-Profil aktiviert drei Trigger: Push Protection,\nMerge-Request-Pipelines und Branch-Pipelines auf den Default Branch. Die\nSAST- und Dependency-Scanning-Profile aktivieren zwei Trigger:\nMerge-Request-Pipelines und Branch-Pipelines auf den Default Branch.",[12,268,269,275,277,278,280,281,285],{},[88,270,271,272,274],{},"Ersetzen Profile die bestehende ",[53,273,55],{},"-Scanner-Konfiguration?",[118,276],{},"\nNicht automatisch. Profil- und Legacy-Konfigurationen können nebeneinander\nexistieren. Wer ausschließlich profilbasierte Konfiguration nutzen möchte,\nentfernt die jeweilige Scanner-Konfiguration aus den ",[53,279,55],{},"-Dateien.\nDie Seite\n",[19,282,284],{"href":21,"rel":283},[],"Security Configuration","\ndes jeweiligen Projekts zeigt den jeweils aktuellsten Status während einer\nUmstellung.",[12,287,288,291,293],{},[88,289,290],{},"Welches GitLab-Tier ist erforderlich?",[118,292],{},"\nSecurity Configuration Profiles sind auf GitLab Ultimate verfügbar – für\nGitLab.com, GitLab Self-Managed und GitLab Dedicated.",[12,295,296,299,301,302,305],{},[88,297,298],{},"Lassen sich Profile auf einzelne Projekte statt auf eine gesamte Group anwenden?",[118,300],{},"\nJa. Im Security Inventory kann die Scanner-Abdeckung für einzelne Projekte\nüber das vertikale Dreipunktmenü neben dem Projekt und die Option ",[88,303,304],{},"Manage\ntool coverage"," verwaltet werden.",[42,307,309],{"id":308},"weitere-informationen-zu-gitlab-190","Weitere Informationen zu GitLab 19.0",[311,312,313,320,327,334],"ul",{},[159,314,315],{},[19,316,319],{"href":317,"rel":318},"https://about.gitlab.com/de-de/blog/secrets-manager-in-public-beta/",[],"CI/CD-Credentials mit GitLab Secrets Manager verwalten",[159,321,322],{},[19,323,326],{"href":324,"rel":325},"https://about.gitlab.com/de-de/blog/transform-mrs-to-automated-workflow/",[],"MRs von manuellen Aufgaben zu automatisierten Workflows transformieren",[159,328,329],{},[19,330,333],{"href":331,"rel":332},"https://about.gitlab.com/de-de/blog/track-ci-component-usage/",[],"CI-Komponentennutzung in der Organisation nachverfolgen",[159,335,336],{},[19,337,340],{"href":338,"rel":339},"https://about.gitlab.com/de-de/blog/more-ai-models-for-duo-agent-platform-self-hosted/",[],"Mehr KI-Modelle für GitLab Duo Agent Platform Self-Hosted",{"title":342,"searchDepth":343,"depth":343,"links":344},"",2,[345,346,347,348,349,350,351],{"id":44,"depth":343,"text":45},{"id":62,"depth":343,"text":63},{"id":80,"depth":343,"text":81},{"id":107,"depth":343,"text":108},{"id":150,"depth":343,"text":151},{"id":220,"depth":343,"text":221},{"id":308,"depth":343,"text":309},"security","2026-05-26","Security Configuration Profiles ermöglichen schnellere Scanner-Rollouts. Wie GitLab 19.0 Tausende von Projekten in Minuten abdeckt – ohne Lücken.","md",null,true,"https://res.cloudinary.com/about-gitlab-com/image/upload/v1779189265/iqzyhhiwagxzwywvjzow.png",{},"/de-de/blog/security-configuration-profiles",{"config":362,"title":5,"description":354},{"noIndex":363},false,"security-configuration-profiles","de-de/blog/security-configuration-profiles",[352,367,368],"features","product","BlogPost","i_4CUXEgjnIpV0kk7YPmSpNm66sPoaKsG-KLhOam8zM",{"logo":372,"freeTrial":377,"sales":382,"login":387,"items":392,"search":709,"minimal":743,"duo":761,"switchNav":770,"pricingDeployment":781},{"config":373},{"href":374,"dataGaName":375,"dataGaLocation":376},"/de-de/","gitlab logo","header",{"text":378,"config":379},"Kostenlose Testversion anfordern",{"href":380,"dataGaName":381,"dataGaLocation":376},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/de-de&glm_content=default-saas-trial/","free trial",{"text":383,"config":384},"Vertrieb kontaktieren",{"href":385,"dataGaName":386,"dataGaLocation":376},"/de-de/sales/","sales",{"text":388,"config":389},"Anmelden",{"href":390,"dataGaName":391,"dataGaLocation":376},"https://gitlab.com/users/sign_in/","sign in",[393,422,524,529,633,689],{"text":394,"config":395,"menu":397},"Plattform",{"dataNavLevelOne":396},"platform",{"type":398,"columns":399},"cards",[400,406,414],{"title":394,"description":401,"link":402},"Die intelligente Orchestrierungsplattform für DevSecOps",{"text":403,"config":404},"Die Plattform erkunden",{"href":405,"dataGaName":396,"dataGaLocation":376},"/de-de/platform/",{"title":407,"description":408,"link":409},"GitLab Duo Agent Platform","Agentische KI für den gesamten Software-Lebenszyklus",{"text":410,"config":411},"Lerne GitLab Duo kennen",{"href":412,"dataGaName":413,"dataGaLocation":376},"/de-de/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":415,"description":416,"link":417},"Warum GitLab?","Erfahre, warum sich Unternehmen für GitLab entscheiden",{"text":418,"config":419},"Mehr erfahren",{"href":420,"dataGaName":421,"dataGaLocation":376},"/de-de/why-gitlab/","why gitlab",{"text":423,"left":357,"config":424,"menu":426},"Produkt",{"dataNavLevelOne":425},"solutions",{"type":427,"link":428,"columns":432,"feature":503},"lists",{"text":429,"config":430},"Alle Lösungen anzeigen",{"href":431,"dataGaName":425,"dataGaLocation":376},"/de-de/solutions/",[433,458,481],{"title":434,"description":435,"link":436,"items":441},"Automatisierung","CI/CD und Automatisierung zur Beschleunigung der Bereitstellung",{"config":437},{"icon":438,"href":439,"dataGaName":440,"dataGaLocation":376},"AutomatedCodeAlt","/de-de/solutions/delivery-automation/","automated software delivery",[442,446,449,454],{"text":443,"config":444},"CI/CD",{"href":445,"dataGaLocation":376,"dataGaName":443},"/de-de/solutions/continuous-integration/",{"text":407,"config":447},{"href":412,"dataGaLocation":376,"dataGaName":448},"gitlab duo agent platform - product menu",{"text":450,"config":451},"Quellcodeverwaltung",{"href":452,"dataGaLocation":376,"dataGaName":453},"/de-de/solutions/source-code-management/","Source Code Management",{"text":455,"config":456},"Automatische Softwarebereitstellung",{"href":439,"dataGaLocation":376,"dataGaName":457},"Automated software delivery",{"title":459,"description":460,"link":461,"items":466},"Sicherheit","Entwickle Code schneller ohne Abstriche bei der Sicherheit",{"config":462},{"href":463,"dataGaName":464,"dataGaLocation":376,"icon":465},"/de-de/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[467,471,476],{"text":468,"config":469},"Anwendungssicherheitstests",{"href":463,"dataGaName":470,"dataGaLocation":376},"Application security testing",{"text":472,"config":473},"Sicherheit der Software-Lieferkette",{"href":474,"dataGaLocation":376,"dataGaName":475},"/de-de/solutions/supply-chain/","Software supply chain security",{"text":477,"config":478},"Software-Compliance",{"href":479,"dataGaName":480,"dataGaLocation":376},"/de-de/solutions/software-compliance/","software compliance",{"title":482,"link":483,"items":488},"Messung",{"config":484},{"icon":485,"href":486,"dataGaName":487,"dataGaLocation":376},"DigitalTransformation","/de-de/solutions/visibility-measurement/","visibility and measurement",[489,493,498],{"text":490,"config":491},"Sichtbarkeit und Messung",{"href":486,"dataGaLocation":376,"dataGaName":492},"Visibility and Measurement",{"text":494,"config":495},"Wertstrommanagement",{"href":496,"dataGaLocation":376,"dataGaName":497},"/de-de/solutions/value-stream-management/","Value Stream Management",{"text":499,"config":500},"Analysen und Einblicke",{"href":501,"dataGaLocation":376,"dataGaName":502},"/de-de/solutions/analytics-and-insights/","Analytics and insights",{"title":504,"type":427,"items":505},"GitLab für",[506,512,518],{"text":507,"config":508},"Enterprise",{"icon":509,"href":510,"dataGaLocation":376,"dataGaName":511},"Building","/de-de/enterprise/","enterprise",{"text":513,"config":514},"Kleinunternehmen",{"icon":515,"href":516,"dataGaLocation":376,"dataGaName":517},"Work","/de-de/small-business/","small business",{"text":519,"config":520},"Öffentlicher Sektor",{"icon":521,"href":522,"dataGaLocation":376,"dataGaName":523},"Organization","/de-de/solutions/public-sector/","public sector",{"text":525,"config":526},"Preise",{"href":527,"dataGaName":528,"dataGaLocation":376,"dataNavLevelOne":528},"/de-de/pricing/","pricing",{"text":530,"config":531,"menu":533},"Ressourcen",{"dataNavLevelOne":532},"resources",{"type":427,"link":534,"columns":538,"feature":622},{"text":535,"config":536},"Alle Ressourcen anzeigen",{"href":537,"dataGaName":532,"dataGaLocation":376},"/de-de/resources/",[539,572,594],{"title":540,"items":541},"Erste Schritte",[542,547,552,557,562,567],{"text":543,"config":544},"Installieren",{"href":545,"dataGaName":546,"dataGaLocation":376},"/de-de/install/","install",{"text":548,"config":549},"Kurzanleitungen",{"href":550,"dataGaName":551,"dataGaLocation":376},"/de-de/get-started/","quick setup checklists",{"text":553,"config":554},"Lernen",{"href":555,"dataGaLocation":376,"dataGaName":556},"https://university.gitlab.com/","learn",{"text":558,"config":559},"Produktdokumentation",{"href":560,"dataGaName":561,"dataGaLocation":376},"https://docs.gitlab.com/","product documentation",{"text":563,"config":564},"Best-Practice-Videos",{"href":565,"dataGaName":566,"dataGaLocation":376},"/de-de/getting-started-videos/","best practice videos",{"text":568,"config":569},"Integrationen",{"href":570,"dataGaName":571,"dataGaLocation":376},"/de-de/integrations/","integrations",{"title":573,"items":574},"Entdecken",[575,580,585,589],{"text":576,"config":577},"Kundenerfolge",{"href":578,"dataGaName":579,"dataGaLocation":376},"/de-de/customers/","customer success stories",{"text":581,"config":582},"Blog",{"href":583,"dataGaName":584,"dataGaLocation":376},"/de-de/blog/","blog",{"text":586,"config":587},"The Source",{"href":588,"dataGaName":584,"dataGaLocation":376},"/de-de/the-source/",{"text":590,"config":591},"Remote",{"href":592,"dataGaName":593,"dataGaLocation":376},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":595,"items":596},"Vernetzen",[597,602,607,612,617],{"text":598,"config":599},"GitLab-Services",{"href":600,"dataGaName":601,"dataGaLocation":376},"/de-de/services/","services",{"text":603,"config":604},"Community",{"href":605,"dataGaName":606,"dataGaLocation":376},"/community/","community",{"text":608,"config":609},"Forum",{"href":610,"dataGaName":611,"dataGaLocation":376},"https://forum.gitlab.com/","forum",{"text":613,"config":614},"Veranstaltungen",{"href":615,"dataGaName":616,"dataGaLocation":376},"/events/","events",{"text":618,"config":619},"Partner",{"href":620,"dataGaName":621,"dataGaLocation":376},"/de-de/partners/","partners",{"config":623,"title":626,"text":627,"link":628},{"background":624,"textColor":625},"url('https://res.cloudinary.com/about-gitlab-com/image/upload/v1777322348/qpq8yrgn8knii57omj0c.png')","#000","Neues bei GitLab","Über die neuesten Funktionen und Verbesserungen auf dem Laufenden bleiben.",{"text":629,"config":630},"Aktuelle Nachrichten",{"href":631,"dataGaName":632,"dataGaLocation":376},"/de-de/whats-new/","whats new",{"text":634,"config":635,"menu":637},"Company",{"dataNavLevelOne":636},"company",{"type":427,"columns":638},[639],{"items":640},[641,646,652,654,659,664,669,674,679,684],{"text":642,"config":643},"Über",{"href":644,"dataGaName":645,"dataGaLocation":376},"/de-de/company/","about",{"text":647,"config":648,"footerGa":651},"Karriere",{"href":649,"dataGaName":650,"dataGaLocation":376},"/jobs/","jobs",{"dataGaName":650},{"text":613,"config":653},{"href":615,"dataGaName":616,"dataGaLocation":376},{"text":655,"config":656},"Geschäftsführung",{"href":657,"dataGaName":658,"dataGaLocation":376},"/company/team/e-group/","leadership",{"text":660,"config":661},"Handbuch",{"href":662,"dataGaName":663,"dataGaLocation":376},"https://handbook.gitlab.com/","handbook",{"text":665,"config":666},"Investor Relations",{"href":667,"dataGaName":668,"dataGaLocation":376},"https://ir.gitlab.com/","investor relations",{"text":670,"config":671},"Trust Center",{"href":672,"dataGaName":673,"dataGaLocation":376},"/de-de/security/","trust center",{"text":675,"config":676},"AI Transparency Center",{"href":677,"dataGaName":678,"dataGaLocation":376},"/de-de/ai-transparency-center/","ai transparency center",{"text":680,"config":681},"Newsletter",{"href":682,"dataGaName":683,"dataGaLocation":376},"/company/contact/#contact-forms","newsletter",{"text":685,"config":686},"Presse",{"href":687,"dataGaName":688,"dataGaLocation":376},"/press/","press",{"text":690,"config":691,"menu":692},"Kontakt",{"dataNavLevelOne":636},{"type":427,"columns":693},[694],{"items":695},[696,699,704],{"text":383,"config":697},{"href":385,"dataGaName":698,"dataGaLocation":376},"talk to sales",{"text":700,"config":701},"Support-Portal",{"href":702,"dataGaName":703,"dataGaLocation":376},"https://support.gitlab.com","support portal",{"text":705,"config":706},"Kundenportal",{"href":707,"dataGaName":708,"dataGaLocation":376},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":710,"login":711,"suggestions":718},"Schließen",{"text":712,"link":713},"Um Repositorys und Projekte zu durchsuchen, melde dich an bei",{"text":714,"config":715},"gitlab.com",{"href":390,"dataGaName":716,"dataGaLocation":717},"search login","search",{"text":719,"default":720},"Vorschläge",[721,723,728,730,735,740],{"text":407,"config":722},{"href":412,"dataGaName":407,"dataGaLocation":717},{"text":724,"config":725},"Codevorschläge (KI)",{"href":726,"dataGaName":727,"dataGaLocation":717},"/de-de/solutions/code-suggestions/","Code Suggestions (AI)",{"text":443,"config":729},{"href":445,"dataGaName":443,"dataGaLocation":717},{"text":731,"config":732},"GitLab auf AWS",{"href":733,"dataGaName":734,"dataGaLocation":717},"/de-de/partners/technology-partners/aws/","GitLab on AWS",{"text":736,"config":737},"GitLab auf Google Cloud",{"href":738,"dataGaName":739,"dataGaLocation":717},"/de-de/partners/technology-partners/google-cloud-platform/","GitLab on Google Cloud",{"text":415,"config":741},{"href":420,"dataGaName":742,"dataGaLocation":717},"Why GitLab?",{"freeTrial":744,"mobileIcon":749,"desktopIcon":754,"secondaryButton":757},{"text":745,"config":746},"Kostenlos testen",{"href":747,"dataGaName":381,"dataGaLocation":748},"https://gitlab.com/-/trials/new/","nav",{"altText":750,"config":751},"GitLab-Symbol",{"src":752,"dataGaName":753,"dataGaLocation":748},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":750,"config":755},{"src":756,"dataGaName":753,"dataGaLocation":748},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":540,"config":758},{"href":759,"dataGaName":760,"dataGaLocation":748},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/de-de/get-started/","get started",{"freeTrial":762,"mobileIcon":766,"desktopIcon":768},{"text":763,"config":764},"Mehr über GitLab Duo erfahren",{"href":412,"dataGaName":765,"dataGaLocation":748},"gitlab duo",{"altText":750,"config":767},{"src":752,"dataGaName":753,"dataGaLocation":748},{"altText":750,"config":769},{"src":756,"dataGaName":753,"dataGaLocation":748},{"button":771,"mobileIcon":776,"desktopIcon":778},{"text":772,"config":773},"/Option",{"href":774,"dataGaName":775,"dataGaLocation":748},"#contact","switch",{"altText":750,"config":777},{"src":752,"dataGaName":753,"dataGaLocation":748},{"altText":750,"config":779},{"src":780,"dataGaName":753,"dataGaLocation":748},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1773335277/ohhpiuoxoldryzrnhfrh.png",{"freeTrial":782,"mobileIcon":787,"desktopIcon":789},{"text":783,"config":784},"Zurück zur Preisübersicht",{"href":527,"dataGaName":785,"dataGaLocation":748,"icon":786},"back to pricing","GoBack",{"altText":750,"config":788},{"src":752,"dataGaName":753,"dataGaLocation":748},{"altText":750,"config":790},{"src":756,"dataGaName":753,"dataGaLocation":748},{"title":792,"button":793,"config":798},"Sieh dir an, wie agentische KI die Softwarebereitstellung transformiert",{"text":794,"config":795},"Jetzt live bei GitLab Transcend am 10. Juni dabei sein",{"href":796,"dataGaName":797,"dataGaLocation":376},"/de-de/events/transcend/virtual/","transcend event",{"layout":799,"disabled":363},"release",{"data":801},{"text":802,"source":803,"edit":809,"contribute":814,"config":819,"items":824,"minimal":1030},"Git ist eine Marke von Software Freedom Conservancy und unsere Verwendung von „GitLab“ erfolgt unter Lizenz.",{"text":804,"config":805},"Quelltext der Seite anzeigen",{"href":806,"dataGaName":807,"dataGaLocation":808},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":810,"config":811},"Diese Seite bearbeiten",{"href":812,"dataGaName":813,"dataGaLocation":808},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":815,"config":816},"Beteilige dich",{"href":817,"dataGaName":818,"dataGaLocation":808},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":820,"facebook":821,"youtube":822,"linkedin":823},"https://x.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[825,870,923,965,996],{"title":525,"links":826,"subMenu":841},[827,831,836],{"text":828,"config":829},"Tarife anzeigen",{"href":527,"dataGaName":830,"dataGaLocation":808},"view plans",{"text":832,"config":833},"Vorteile von Premium",{"href":834,"dataGaName":835,"dataGaLocation":808},"/de-de/pricing/premium/","why premium",{"text":837,"config":838},"Vorteile von Ultimate",{"href":839,"dataGaName":840,"dataGaLocation":808},"/de-de/pricing/ultimate/","why ultimate",[842],{"title":690,"links":843},[844,846,848,850,855,860,865],{"text":383,"config":845},{"href":385,"dataGaName":386,"dataGaLocation":808},{"text":700,"config":847},{"href":702,"dataGaName":703,"dataGaLocation":808},{"text":705,"config":849},{"href":707,"dataGaName":708,"dataGaLocation":808},{"text":851,"config":852},"Status",{"href":853,"dataGaName":854,"dataGaLocation":808},"https://status.gitlab.com/","status",{"text":856,"config":857},"Nutzungsbedingungen",{"href":858,"dataGaName":859,"dataGaLocation":808},"/terms/","terms of use",{"text":861,"config":862},"Datenschutzerklärung",{"href":863,"dataGaName":864,"dataGaLocation":808},"/de-de/privacy/","privacy statement",{"text":866,"config":867},"Cookie-Einstellungen",{"dataGaName":868,"dataGaLocation":808,"id":869,"isOneTrustButton":357},"cookie preferences","ot-sdk-btn",{"title":423,"links":871,"subMenu":880},[872,876],{"text":873,"config":874},"DevSecOps-Plattform",{"href":405,"dataGaName":875,"dataGaLocation":808},"devsecops platform",{"text":877,"config":878},"KI-unterstützte Entwicklung",{"href":412,"dataGaName":879,"dataGaLocation":808},"ai-assisted development",[881],{"title":882,"links":883},"Themen",[884,888,893,898,903,908,913,918],{"text":443,"config":885},{"href":886,"dataGaName":887,"dataGaLocation":808},"/de-de/topics/ci-cd/","cicd",{"text":889,"config":890},"GitOps",{"href":891,"dataGaName":892,"dataGaLocation":808},"/de-de/topics/gitops/","gitops",{"text":894,"config":895},"DevOps",{"href":896,"dataGaName":897,"dataGaLocation":808},"/de-de/topics/devops/","devops",{"text":899,"config":900},"Versionskontrolle",{"href":901,"dataGaName":902,"dataGaLocation":808},"/de-de/topics/version-control/","version control",{"text":904,"config":905},"DevSecOps",{"href":906,"dataGaName":907,"dataGaLocation":808},"/de-de/topics/devsecops/","devsecops",{"text":909,"config":910},"Cloud-nativ",{"href":911,"dataGaName":912,"dataGaLocation":808},"/de-de/topics/cloud-native/","cloud native",{"text":914,"config":915},"KI für das Programmieren",{"href":916,"dataGaName":917,"dataGaLocation":808},"/de-de/topics/devops/ai-for-coding/","ai for coding",{"text":919,"config":920},"Agentische KI",{"href":921,"dataGaName":922,"dataGaLocation":808},"/de-de/topics/agentic-ai/","agentic ai",{"title":924,"links":925},"Lösungen",[926,929,931,936,940,943,946,949,951,953,955,960],{"text":468,"config":927},{"href":463,"dataGaName":928,"dataGaLocation":808},"Application Security Testing",{"text":455,"config":930},{"href":439,"dataGaName":440,"dataGaLocation":808},{"text":932,"config":933},"Agile Entwicklung",{"href":934,"dataGaName":935,"dataGaLocation":808},"/de-de/solutions/agile-delivery/","agile delivery",{"text":937,"config":938},"SCM",{"href":452,"dataGaName":939,"dataGaLocation":808},"source code management",{"text":443,"config":941},{"href":445,"dataGaName":942,"dataGaLocation":808},"continuous integration & delivery",{"text":494,"config":944},{"href":496,"dataGaName":945,"dataGaLocation":808},"value stream management",{"text":889,"config":947},{"href":948,"dataGaName":892,"dataGaLocation":808},"/de-de/solutions/gitops/",{"text":507,"config":950},{"href":510,"dataGaName":511,"dataGaLocation":808},{"text":513,"config":952},{"href":516,"dataGaName":517,"dataGaLocation":808},{"text":519,"config":954},{"href":522,"dataGaName":523,"dataGaLocation":808},{"text":956,"config":957},"Bildungswesen",{"href":958,"dataGaName":959,"dataGaLocation":808},"/de-de/solutions/education/","education",{"text":961,"config":962},"Finanzdienstleistungen",{"href":963,"dataGaName":964,"dataGaLocation":808},"/de-de/solutions/finance/","financial services",{"title":530,"links":966},[967,969,971,973,976,978,981,983,985,988,990,992,994],{"text":543,"config":968},{"href":545,"dataGaName":546,"dataGaLocation":808},{"text":548,"config":970},{"href":550,"dataGaName":551,"dataGaLocation":808},{"text":553,"config":972},{"href":555,"dataGaName":556,"dataGaLocation":808},{"text":558,"config":974},{"href":560,"dataGaName":975,"dataGaLocation":808},"docs",{"text":581,"config":977},{"href":583,"dataGaName":584,"dataGaLocation":808},{"text":979,"config":980},"Neuigkeiten",{"href":631,"dataGaName":632,"dataGaLocation":808},{"text":576,"config":982},{"href":578,"dataGaName":579,"dataGaLocation":808},{"text":590,"config":984},{"href":592,"dataGaName":593,"dataGaLocation":808},{"text":986,"config":987},"GitLab Services",{"href":600,"dataGaName":601,"dataGaLocation":808},{"text":603,"config":989},{"href":605,"dataGaName":606,"dataGaLocation":808},{"text":608,"config":991},{"href":610,"dataGaName":611,"dataGaLocation":808},{"text":613,"config":993},{"href":615,"dataGaName":616,"dataGaLocation":808},{"text":618,"config":995},{"href":620,"dataGaName":621,"dataGaLocation":808},{"title":997,"links":998},"Unternehmen",[999,1001,1003,1005,1007,1009,1014,1019,1021,1023,1025],{"text":642,"config":1000},{"href":644,"dataGaName":636,"dataGaLocation":808},{"text":647,"config":1002},{"href":649,"dataGaName":650,"dataGaLocation":808},{"text":655,"config":1004},{"href":657,"dataGaName":658,"dataGaLocation":808},{"text":660,"config":1006},{"href":662,"dataGaName":663,"dataGaLocation":808},{"text":665,"config":1008},{"href":667,"dataGaName":668,"dataGaLocation":808},{"text":1010,"config":1011},"Nachhaltigkeit",{"href":1012,"dataGaName":1013,"dataGaLocation":808},"/sustainability/","Sustainability",{"text":1015,"config":1016},"Vielfalt, Inklusion und Zugehörigkeit",{"href":1017,"dataGaName":1018,"dataGaLocation":808},"/de-de/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":670,"config":1020},{"href":672,"dataGaName":673,"dataGaLocation":808},{"text":680,"config":1022},{"href":682,"dataGaName":683,"dataGaLocation":808},{"text":685,"config":1024},{"href":687,"dataGaName":688,"dataGaLocation":808},{"text":1026,"config":1027},"Transparenzerklärung zu moderner Sklaverei",{"href":1028,"dataGaName":1029,"dataGaLocation":808},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":1031},[1032,1034,1037],{"text":856,"config":1033},{"href":858,"dataGaName":859,"dataGaLocation":808},{"text":1035,"config":1036},"Cookies",{"dataGaName":868,"dataGaLocation":808,"id":869,"isOneTrustButton":357},{"text":861,"config":1038},{"href":863,"dataGaName":864,"dataGaLocation":808},[1040],{"id":1041,"title":7,"body":356,"config":1042,"content":1044,"description":356,"extension":1047,"meta":1048,"navigation":357,"path":1049,"seo":1050,"stem":1051,"__hash__":1052},"blogAuthors/en-us/blog/authors/michael-omokoh.yml",{"template":1043},"BlogAuthor",{"name":7,"config":1045},{"headshot":1046},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1779293582/whhdbnshyupyse6r1oel.jpg","yml",{},"/en-us/blog/authors/michael-omokoh",{},"en-us/blog/authors/michael-omokoh","bQs8Jj9AOXi54h-yFbGPszBtXgs1_1ESCcBwdSkj7GA",[1054,1061,1068],{"title":1055,"description":1056,"heroImage":358,"category":352,"date":353,"authors":1057,"slug":1060,"externalUrl":356},"Supply-Chain-Risiken reduzieren – mit SBOM-basiertem Dependency Scanning","Transitive Abhängigkeiten erkennen, ihren Ursprung nachverfolgen und nach realer Exposition priorisieren.",[1058,1059],"Mark Settle","Joel Patterson","sbom-based-dependency-scanning",{"title":1062,"description":1063,"heroImage":358,"category":352,"date":1064,"authors":1065,"slug":1067,"externalUrl":356},"CI/CD-Zugangsdaten absichern mit GitLab Secrets Manager","Secrets Manager (Public Beta): Job-Scoping, Least-Privilege-Zugriffsmodell und lückenloser Audit-Trail – nativ in GitLab 19.0.","2026-05-21",[1066,1058],"Joe Randazzo","secrets-manager-in-public-beta",{"title":1069,"description":1070,"heroImage":1071,"category":352,"date":1072,"authors":1073,"slug":1075,"externalUrl":356},"Irreführende CVSS-Scores automatisch korrigieren – 5 Richtlinienmuster","CVSS-Scores spiegeln das tatsächliche Risiko nicht wider. Severity-Override-Richtlinien in GitLab automatisieren Korrekturen nach CVE, CWE und Verzeichnis.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1772630163/akp8ly2mrsfrhsb0liyb.png","2026-05-13",[1074],"Grant Hickman","severity-override-vulnerability-management-policy",{"promotions":1077},[1078,1092,1103,1114],{"id":1079,"categories":1080,"header":1082,"text":1083,"button":1084,"image":1089},"ai-modernization",[1081],"ai","Hält KI, was uns versprochen wurde?","Das Quiz dauert maximal 5 Minuten.",{"text":1085,"config":1086},"Ermittle deinen KI-Reifegrad",{"href":1087,"dataGaName":1088,"dataGaLocation":584},"/de-de/assessments/ai-modernization-assessment/","modernization assessment",{"config":1090},{"src":1091},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":1093,"categories":1094,"header":1095,"text":1083,"button":1096,"image":1100},"devops-modernization",[368,907],"Verwaltest du Tool-Chaos oder stellst du Innovationen bereit?",{"text":1097,"config":1098},"Ermittle deinen DevOps-Reifegrad",{"href":1099,"dataGaName":1088,"dataGaLocation":584},"/de-de/assessments/devops-modernization-assessment/",{"config":1101},{"src":1102},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":1104,"categories":1105,"header":1106,"text":1083,"button":1107,"image":1111},"security-modernization",[352],"Tauschst du Schnelligkeit gegen Sicherheit ein?",{"text":1108,"config":1109},"Ermittle deinen Sicherheitsreifegrad",{"href":1110,"dataGaName":1088,"dataGaLocation":584},"/de-de/assessments/security-modernization-assessment/",{"config":1112},{"src":1113},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"id":1115,"paths":1116,"header":1119,"text":1120,"button":1121,"image":1126},"github-azure-migration",[1117,1118],"migration-from-azure-devops-to-gitlab","integrating-azure-devops-scm-and-gitlab","Ist dein Team bereit für den Umzug von GitHub nach Azure?","GitHub stellt bereits auf Azure um. Finde heraus, was das für dich bedeutet.",{"text":1122,"config":1123},"Erfahre, wie GitLab im Vergleich zu GitHub abschneidet",{"href":1124,"dataGaName":1125,"dataGaLocation":584},"/de-de/compare/gitlab-vs-github/github-azure-migration/","github azure migration",{"config":1127},{"src":1102},{"header":1129,"blurb":1130,"button":1131,"secondaryButton":1136},"Beginne noch heute, schneller zu entwickeln","Entdecke, was dein Team mit der intelligenten Orchestrierungsplattform für DevSecOps erreichen kann.\n",{"text":1132,"config":1133},"Kostenlosen Test starten",{"href":1134,"dataGaName":381,"dataGaLocation":1135},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/de-de/","feature",{"text":383,"config":1137},{"href":385,"dataGaName":386,"dataGaLocation":1135},1781392656775]