[{"data":1,"prerenderedAt":1439},["ShallowReactive",2],{"/ja-jp/blog/automated-detection-testing-framework":3,"navigation-ja-jp":668,"banner-ja-jp":1086,"footer-ja-jp":1095,"blog-post-authors-ja-jp-Evan Baltman":1336,"blog-related-posts-ja-jp-automated-detection-testing-framework":1352,"blog-promotions-ja-jp":1377,"next-steps-ja-jp":1430},{"id":4,"title":5,"authors":6,"body":8,"category":645,"date":646,"description":647,"extension":648,"externalUrl":649,"featured":206,"heroImage":650,"meta":651,"navigation":206,"path":652,"seo":653,"slug":659,"stem":660,"tags":661,"template":665,"updatedDate":666,"__hash__":667},"blogPosts/ja-jp/blog/automated-detection-testing-framework.md","GitLab CI/CDとDuoで自動検知テストフレームワークを構築する",[7],"Evan Baltman",{"type":9,"value":10,"toc":636},"minimark",[11,15,23,26,30,33,36,55,58,62,65,68,108,112,115,126,136,142,149,159,163,170,489,503,512,525,531,534,541,550,565,568,571,603,607,614,617,621,624,632],[12,13,14],"p",{},"セキュリティ運用センター（SOC）において健全なアラートシステムを維持する上で、誤検出のチューニングは課題の半分にすぎません。見落とされがちなもう一方の課題は、めったに発動しない重要な検知ルールが、誰にも気づかれないまま完全に機能しなくなっていないかを確認することです。",[12,16,17,18,22],{},"GitLabでは、Signals Engineeringチームが自社インフラ上で実際の悪意ある行動をシミュレートすることで検知テストを実施しています。ログソースからSIEMへの取り込み、そしてSOARによるアラートルーティングまで、検知がエンドツーエンドで機能することを検証するためです。これは商品化されているBreach and Attack Simulation（BAS）ツールと同じアプローチですが、それらのツールは高価で汎用的であり、GitLabの検知スタックに特化したものではありません。そこでGitLabでは、Weekly Attack Testing for Continuous Health、略して",[19,20,21],"strong",{},"WATCH","と名付けた完全自動化フレームワークを独自に構築しました。",[12,24,25],{},"本記事では、このフレームワークを開発した背景、その仕組み、そして自社環境での活用方法についてご説明します。",[27,28,29],"h2",{"id":29},"検知の検証におけるギャップ",[12,31,32],{},"ログスキーマの変更、SIEMのアップデート、パイプラインの設定ミスなど、検知が発動しないまま失敗する原因は無数に存在します。一方、想定どおりに発動するパターンはただひとつです。こうした現実を踏まえると、結論は明らかです。「既存の検知を意図的にトリガーしてみよう！」ただし、すぐに「どうやって検知をトリガーするのか？」「どのくらいの頻度で行うべきか？」といった次の疑問が浮かびます。",[12,34,35],{},"検知をトリガーする方法のひとつは、悪意ある行動をシミュレートするログをSIEMに再投入するという「合成アプローチ」です。そして、検知ルールが偽の問題を検知してアラートを発するかどうかを確認します。ただしこのアプローチには、「実世界」のシナリオで検知が機能することを証明できないという問題に加え、アラートライフサイクルの中でも特にエラーが発生しやすいログの取り込み（ログソースからSIEMまでの経路）の検証ができないという欠点があります。",[12,37,38,39,45,46,50,51,54],{},"以前、GitLabは、",[40,41,44],"a",{"href":42,"rel":43},"https://about.gitlab.com/blog/automating-cybersecurity-threat-detections-with-gitlab-ci-cd/",[],"GitLab Universal Automated Response and Detection（GUARD）システム","がDetections as Code（DaC）パイプラインを通じて検知の作成とデプロイを自動化する方法、そしてSOARを通じてアラートのルーティングとトリアージを行う方法についてご紹介しました。DaCパイプラインはエラーなしに検知を",[47,48,49],"em",{},"デプロイできる","ことの検証問題を解決しましたが、対象とする行動が実際に発生した際にその検知が",[47,52,53],{},"発動するか","という問いには答えられていません。",[12,56,57],{},"WATCHはそのギャップを埋めます。検知が機能しているという確信を与えてくれる継続的な検証レイヤーです。",[27,59,61],{"id":60},"watchの仕組み","WATCHの仕組み",[12,63,64],{},"大まかに言えば、WATCHはステージング環境でスクリプト化された攻撃シミュレーションを実行し、期待されるアラートがセキュリティ監視スタック全体に伝播することを検証します。検知ルールを管理するSIEM、アラートルーティングを担うSOAR、そしてチームが検知の健全性を監視するダッシュボードに至るまでを確認します。",[12,66,67],{},"WATCHテストのライフサイクルは次のとおりです。",[69,70,71,78,84,90,96,102],"ol",{},[72,73,74,77],"li",{},[19,75,76],{},"スケジューリング","：毎週、スケジュールされたGitLab CI/CDパイプラインがすべてのアクティブなテストを検出し、週全体にわたってランダムな時間スロットに振り分けます。ランダム化は重要です。テストが予測可能なタイミングで発動すると、テスト活動と実際の脅威を区別しやすくなり、タイミングに敏感な検知の問題が覆い隠されてしまう可能性があるためです。",[72,79,80,83],{},[19,81,82],{},"事前通知","：テスト実行前に、WATCHは専用の「WATCH Heads Up」ストーリーを通じてSOARに通知し、トリガーが期待される検知を登録します。これにより、SOARが次に何が来るかを把握できるよう、追跡可能なレコードが作成されます。",[72,85,86,89],{},[19,87,88],{},"実行","：テストがシミュレートされた悪意ある行動を実行します。たとえば、管理者アカウントのパスワードをリセットしたり、ステージング環境に対して不審なAPI呼び出しを行ったりします。",[72,91,92,95],{},[19,93,94],{},"検知","：SIEMがステージング環境からのアクティビティログを処理し、対応する検知ルールを（うまくいけば）発動させます。",[72,97,98,101],{},[19,99,100],{},"相関分析","：SOARにアラートが届くと、「これはWATCHテストか？」のチェックが行われ、各アラートが登録済みのテストに対応するかどうかを3つの要素で照合します。テスト実行からアラート到着までの時間ウィンドウ、アクターのID（IPアドレスまたはユーザー名）、そして発動した検知のルールIDです。これにより、WATCHが生成したアラートがSIRTへの実際のインシデントとしてエスカレーションされることなく、パイプライン全体の検証が可能になります。",[72,103,104,107],{},[19,105,106],{},"検証","：フォローアップのパイプラインステージが、期待されるすべての検知が発動したかどうかを確認し、検知のステータスメタデータを更新して、更新された結果をGitLab Pagesダッシュボードにデプロイします。いずれかの検知が発動しなかった場合、チームのSlackチャンネルに通知が送られます。",[27,109,111],{"id":110},"gitlab-cicdでwatchを使う","GitLab CI/CDでWATCHを使う",[12,113,114],{},"WATCHは3つのパイプラインステージにわたるオーケストレーションのバックボーンとしてGitLab CI/CDを活用しています。",[12,116,117,120,121,125],{},[19,118,119],{},"schedule_pipelines","ステージは毎週実行され、テストの配布を担います。すべてのアクティブなテストを検出し、グループに振り分け、週全体にわたってランダムな時間帯に実行するようスケジュールされたパイプラインを作成します。スケジュールされた各パイプラインには、実行すべきテストを指定する",[122,123,124],"code",{},"TESTS_TO_RUN","変数が付与されます。",[12,127,128,131,132,135],{},[19,129,130],{},"run_tests","ステージでは実際の攻撃シミュレーションが行われます。そのパイプライン実行に割り当てられたテストを実行し、実行統計を",[122,133,134],{},"detection_status.json","に保存し、アラートの相関分析がダウンストリームで行えるようSOARのレコードIDを記録します。",[12,137,138,141],{},[19,139,140],{},"pages","ステージは検証とレポートを担います。SOARに問い合わせてアラートが生成され適切にルーティングされたことを確認し、検証結果で検知メタデータを更新して、最新のテスト結果をGitLab Pagesダッシュボードにデプロイします。",[12,143,144,145,148],{},"以下は、WATCHパイプライン用のGitLab CI/CD ",[122,146,147],{},"gitlab-ci.yml","設定ファイルのテンプレートです。",[150,151,156],"pre",{"className":152,"code":154,"language":155},[153],"language-text","spec:\n  inputs:\n    weekly_scheduling:\n      type: boolean\n      default: false\n      description: \"Enable weekly scheduling of detection tests.\"\n    update_pages:\n      type: boolean\n      default: false\n      description: \"For triggering the update of GitLab Pages dashboard.\"\n\n---\n\n# Specify the Docker image to use for the job\nimage: python:3.12\n\nstages:\n  - schedule_pipelines\n  - run_tests\n  - pages\n\n# Job to manage scheduled pipelines (runs when weekly_scheduling input is true)\nmanage_scheduled_pipelines:\n  stage: schedule_pipelines\n  script:\n    - pip install -r requirements.txt\n    - python scripts/manage_scheduled_pipelines.py\n  rules:\n    - if: $TESTS_TO_RUN == null && $CI_PIPELINE_SOURCE == \"schedule\" && [[ inputs.weekly_scheduling ]] == true\n      when: on_success\n    - when: never\n\n# Job to run detection tests, save tines_record_id to detection_status.json, and commit\nrun_detection_tests:\n  stage: run_tests\n  script:\n    - pip install -r requirements.txt\n    - python main.py --prod --save-stats --scheduled-tests\n  rules:\n    - if: $TESTS_TO_RUN\n      when: on_success\n    - when: never\n\n# Job to verify alerts, update detection_status.json, commit, and deploy pages\npages:\n  stage: pages\n  script:\n    - pip install -r requirements.txt\n    - python scripts/verify_and_update_detections.py --tines-api-key ${TINES_API_KEY}\n    - mkdir -p public/data\n    - cp detection_status.json public/data/\n    - cp -r static/* public/\n  pages: true  # Required for GitLab 17.9+ to trigger Pages deployment\n  artifacts:\n    paths:\n      - public\n  rules:\n    - if: $TESTS_TO_RUN == null && [[ inputs.update_pages ]] == true\n      when: on_success\n    - when: never\n","text",[122,157,154],{"__ignoreMap":158},"",[27,160,162],{"id":161},"gitlab-duoを使ったテストの作成","GitLab Duoを使ったテストの作成",[12,164,165,166,169],{},"WATCHの設計における優先事項のひとつは、Signals EngineeringまたはSIRTチームの誰でも新しいテストを追加できるようにすることでした。このフレームワークは",[122,167,168],{},"BaseSecurityTest","抽象クラスを提供しており、テストIDの生成、アクターIDの管理、SOARとの連携といった定型作業をすべて処理します。これにより、テスト作成者はテスト環境のセットアップ、シミュレートされた悪意ある行動の実行、後処理の3点のみに集中できます。",[150,171,175],{"className":172,"code":173,"language":174,"meta":158,"style":158},"language-py shiki shiki-themes github-light","class BaseSecurityTest(ABC):\n\n    def __init__(self, config = {}, test_id: Optional[str] = None):\n        self.test_id = test_id or str(uuid.uuid4())\n        self.test_name = self.__class__.__name__\n        self.expected_detections = {}\n        self.actor_id = config.get('gitlab', {}).get(\n            'default_actor_id',\n            \"sirt_detection_test_user_\" + self.test_id[:8]\n        )\n        self.isActive = True\n        self.test_run_time = 300\n        self.config = config\n\n    @abstractmethod\n    def setup(self) -> bool:\n        \"\"\"Prepare test environment and resources\"\"\"\n\n    @abstractmethod\n    def execute(self) -> Dict[str, Any]:\n        \"\"\"Execute the malicious behavior simulation\"\"\"\n\n    @abstractmethod\n    def cleanup(self) -> bool:\n        \"\"\"Clean up test environment and resources\"\"\"\n","py",[122,176,177,201,208,239,262,286,299,319,328,348,354,367,380,393,398,404,421,427,432,437,453,459,464,469,483],{"__ignoreMap":158},[178,179,182,186,190,194,198],"span",{"class":180,"line":181},"line",1,[178,183,185],{"class":184},"sD7c4","class",[178,187,189],{"class":188},"s7eDp"," BaseSecurityTest",[178,191,193],{"class":192},"sgsFI","(",[178,195,197],{"class":196},"sYu0t","ABC",[178,199,200],{"class":192},"):\n",[178,202,204],{"class":180,"line":203},2,[178,205,207],{"emptyLinePlaceholder":206},true,"\n",[178,209,211,214,217,220,223,226,229,232,234,237],{"class":180,"line":210},3,[178,212,213],{"class":184},"    def",[178,215,216],{"class":196}," __init__",[178,218,219],{"class":192},"(self, config ",[178,221,222],{"class":184},"=",[178,224,225],{"class":192}," {}, test_id: Optional[",[178,227,228],{"class":196},"str",[178,230,231],{"class":192},"] ",[178,233,222],{"class":184},[178,235,236],{"class":196}," None",[178,238,200],{"class":192},[178,240,242,245,248,250,253,256,259],{"class":180,"line":241},4,[178,243,244],{"class":196},"        self",[178,246,247],{"class":192},".test_id ",[178,249,222],{"class":184},[178,251,252],{"class":192}," test_id ",[178,254,255],{"class":184},"or",[178,257,258],{"class":196}," str",[178,260,261],{"class":192},"(uuid.uuid4())\n",[178,263,265,267,270,272,275,278,281,283],{"class":180,"line":264},5,[178,266,244],{"class":196},[178,268,269],{"class":192},".test_name ",[178,271,222],{"class":184},[178,273,274],{"class":196}," self",[178,276,277],{"class":192},".",[178,279,280],{"class":196},"__class__",[178,282,277],{"class":192},[178,284,285],{"class":196},"__name__\n",[178,287,289,291,294,296],{"class":180,"line":288},6,[178,290,244],{"class":196},[178,292,293],{"class":192},".expected_detections ",[178,295,222],{"class":184},[178,297,298],{"class":192}," {}\n",[178,300,302,304,307,309,312,316],{"class":180,"line":301},7,[178,303,244],{"class":196},[178,305,306],{"class":192},".actor_id ",[178,308,222],{"class":184},[178,310,311],{"class":192}," config.get(",[178,313,315],{"class":314},"sYBdl","'gitlab'",[178,317,318],{"class":192},", {}).get(\n",[178,320,322,325],{"class":180,"line":321},8,[178,323,324],{"class":314},"            'default_actor_id'",[178,326,327],{"class":192},",\n",[178,329,331,334,337,339,342,345],{"class":180,"line":330},9,[178,332,333],{"class":314},"            \"sirt_detection_test_user_\"",[178,335,336],{"class":184}," +",[178,338,274],{"class":196},[178,340,341],{"class":192},".test_id[:",[178,343,344],{"class":196},"8",[178,346,347],{"class":192},"]\n",[178,349,351],{"class":180,"line":350},10,[178,352,353],{"class":192},"        )\n",[178,355,357,359,362,364],{"class":180,"line":356},11,[178,358,244],{"class":196},[178,360,361],{"class":192},".isActive ",[178,363,222],{"class":184},[178,365,366],{"class":196}," True\n",[178,368,370,372,375,377],{"class":180,"line":369},12,[178,371,244],{"class":196},[178,373,374],{"class":192},".test_run_time ",[178,376,222],{"class":184},[178,378,379],{"class":196}," 300\n",[178,381,383,385,388,390],{"class":180,"line":382},13,[178,384,244],{"class":196},[178,386,387],{"class":192},".config ",[178,389,222],{"class":184},[178,391,392],{"class":192}," config\n",[178,394,396],{"class":180,"line":395},14,[178,397,207],{"emptyLinePlaceholder":206},[178,399,401],{"class":180,"line":400},15,[178,402,403],{"class":188},"    @abstractmethod\n",[178,405,407,409,412,415,418],{"class":180,"line":406},16,[178,408,213],{"class":184},[178,410,411],{"class":188}," setup",[178,413,414],{"class":192},"(self) -> ",[178,416,417],{"class":196},"bool",[178,419,420],{"class":192},":\n",[178,422,424],{"class":180,"line":423},17,[178,425,426],{"class":314},"        \"\"\"Prepare test environment and resources\"\"\"\n",[178,428,430],{"class":180,"line":429},18,[178,431,207],{"emptyLinePlaceholder":206},[178,433,435],{"class":180,"line":434},19,[178,436,403],{"class":188},[178,438,440,442,445,448,450],{"class":180,"line":439},20,[178,441,213],{"class":184},[178,443,444],{"class":188}," execute",[178,446,447],{"class":192},"(self) -> Dict[",[178,449,228],{"class":196},[178,451,452],{"class":192},", Any]:\n",[178,454,456],{"class":180,"line":455},21,[178,457,458],{"class":314},"        \"\"\"Execute the malicious behavior simulation\"\"\"\n",[178,460,462],{"class":180,"line":461},22,[178,463,207],{"emptyLinePlaceholder":206},[178,465,467],{"class":180,"line":466},23,[178,468,403],{"class":188},[178,470,472,474,477,479,481],{"class":180,"line":471},24,[178,473,213],{"class":184},[178,475,476],{"class":188}," cleanup",[178,478,414],{"class":192},[178,480,417],{"class":196},[178,482,420],{"class":192},[178,484,486],{"class":180,"line":485},25,[178,487,488],{"class":314},"        \"\"\"Clean up test environment and resources\"\"\"\n",[12,490,491,492,495,496,499,500,502],{},"重要な設定は",[122,493,494],{},"expected_detections","ディクショナリです。これは、トリガーが想定されるSIEMのルール名を、アクターIDと想定されるアラート到着時刻にマッピングします。新しいテストは、",[122,497,498],{},"tests/","ディレクトリ内に",[122,501,168],{},"をサブクラス化したPythonファイルを作成し、シミュレートする行動を定義して、トリガーが期待される検知を宣言するだけです。テストランナーは次回のスケジュール実行時に自動的にそれを検出します。",[12,504,505,506,511],{},"こうしたシンプルなインターフェースが重要なのは、チームが実際にテストを書いてくれなければ、検知テストという取り組み自体が成立しないからです。テストの追加にパイプライン内部の全体像の理解が必要になれば、誰もやらなくなります。setup、execute、cleanupを実装し、想定される検知を宣言するというシンプルな仕様は、WATCHテストと",[40,507,510],{"href":508,"rel":509},"https://about.gitlab.com/ja-jp/gitlab-duo/",[],"GitLab Duo","（GitLabのAIアシスタント）との相性を高めます。Duoにベースクラスと「特定のグループから大量のプロジェクトをクローンするテストを作って」「GraphQLを使ってこのプロジェクトのCI変数をすべて取得するテストを作って」「これらのプロジェクトを同じ命名規則にリネームして」といったプロンプトを与えると、Duoは、足場としてフレームワークに直接プラグインできる動作するWATCHテストを生成します。これにより、障壁はさらに下がります。エンジニアは「この検知をテストしたい」という構想段階から、Duoが実装作業の大半を担った状態で動作するテストまで、一気に進むことができます。",[12,513,514,515,520,521,524],{},"活用のヒント：GitLab Duoをさらに効果的に活用するために、私は",[40,516,519],{"href":517,"rel":518},"https://docs.gitlab.com/ja-jp/user/duo_agent_platform/customize/agent_skills/",[],"Duo Agent Skills","を利用しました。これは、テストの作成のような定型作業の標準と手順を定義するのに最適です。プロジェクトディレクトリには",[122,522,523],{},"skills/WATCH-test-creator","というフォルダがあり、SKILL.mdには優れたテストの条件、使用できるヘルパー関数、プロジェクトの目的が記述されています。上記のようなプロンプトを入力した直後にこのファイルが読み込まれるため、Duoに対して「何をしようとしているのか、どうやればいいのか」を毎回説明し直す必要がなくなります。何より重要なのは、結果が一貫して高品質になることです。以下はそのファイルの抜粋です。",[150,526,529],{"className":527,"code":528,"language":155,"meta":158},[153],"---\nname: WATCH-test-creator\ndescription: Create WATCH (Orchestrated Offensive Penetration Simulator) security detection tests that simulate malicious behavior on GitLab infrastructure to validate SIEM detection rules and alerting pipelines.\n---\n\n## WATCH Test Creator\n\nYou are an expert at writing security detection tests for the WATCH framework. WATCH tests simulate malicious activities on GitLab-owned infrastructure to verify that the SecOps security monitoring stack (Elastic SIEM, Tines SOAR, alerting rules) properly detects and responds to threats.\n\n### Architecture Overview\n```\nProject Root\n├── core/\n│   ├── base_test.py          # Abstract base class all tests inherit from\n│   ├── test_runner.py         # Auto-discovers and executes tests\n│   └── webhook_manager.py     # Tines/SOAR notification integration\n├── tests/\n│   ├── gitlab/                # GitLab-specific detection tests\n│   └── gcp/                   # GCP-specific detection tests\n├── utils/\n│   ├── gitlab_helper.py       # GitLab API wrapper (users, projects, tokens, webhooks, OAuth)\n│   └── crypto_utils.py        # Password generation utility\n├── config/\n│   ├── settings.py            # Config loader (reads YAML + GITLAB_ADMIN_PAT env var)\n│   └── environments/\n│       ├── dev.yaml           # Local GDK config\n│       └── prod.yaml          # Production staging.gitlab.com config\n├── main.py                    # Entry point with CLI args\n└── detection_status.json      # Test results and detection metadata\n```\n\n",[122,530,528],{"__ignoreMap":158},[27,532,533],{"id":533},"テストダッシュボードによる可視性の向上",[12,535,536],{},[537,538],"img",{"alt":539,"src":540},"テストダッシュボード","https://res.cloudinary.com/about-gitlab-com/image/upload/v1777574679/ylrc96iip682sinfg7zi.png",[12,542,543,544,549],{},"WATCHはまた、",[40,545,548],{"href":546,"rel":547},"https://docs.gitlab.com/ja-jp/user/project/pages/",[],"GitLab Pages","を通じて2つのインタラクティブなダッシュボードをデプロイし、チームが検知の健全性をリアルタイムで把握できるようにしています。",[551,552,553,559],"ul",{},[72,554,555,558],{},[19,556,557],{},"検知ステータスダッシュボード","では、すべての検知ルールと現在のテスト状況の概要を確認できます。たとえば、各検知の発動回数、現在の合否状態、検知のアクティブ期間といったメトリクスが含まれます。テーブルはフィルタリングとソートが可能で、エンジニアはどの検知に注意が必要かをすぐに特定できます。",[72,560,561,564],{},[19,562,563],{},"テスト実行ダッシュボード","には、テストIDごとにグループ化され、検知カバレッジの内訳を含む個々のテスト実行の詳細なビューが表示されます。アラート伝播時間を示すタイムライン可視化も含まれており、テスト実行からアラート到着までの所要時間や、SIEMの対応するアラートへの直接リンクを確認できます。",[12,566,567],{},"これらのダッシュボードは、以前は手動でパイプラインログやSIEMクエリを掘り起こして検知の健全性を確認していた作業に代わるものです。",[12,569,570],{},"GUARDの他の部分と同様に、WATCHはGitLabをそのプラットフォームとして全面的に活用しています。",[551,572,573,579,585,591,596],{},[72,574,575,578],{},[19,576,577],{},"GitLab CI/CDパイプラインとスケジュールパイプライン","が、週次スケジューリングから実行、ダッシュボードのデプロイまで、テストライフサイクル全体をオーケストレーションします。",[72,580,581,584],{},[19,582,583],{},"パイプラインインプット","により、ステージを個別にトリガーできるため、すべてのテストを再実行することなく、検証ステップだけ、あるいはダッシュボード更新だけを実行することができます。",[72,586,587,590],{},[19,588,589],{},"CI/CD変数","が、TinesおよびGitLabステージング環境へのアクセスに必要なAPIキーを安全に保管します。",[72,592,593,595],{},[19,594,548],{},"が、追加のインフラ不要でWATCHダッシュボードをホストします。別途ホスティングの管理も、追加のデプロイツールも必要ありません。",[72,597,598,599,602],{},"テストはGitLabプロジェクト内のPythonファイルに過ぎないため、DaCを通じた検知ルールと同様に、",[19,600,601],{},"バージョン管理、マージリクエストレビュー、コードオーナーシップ","の恩恵を受けます。",[27,604,606],{"id":605},"watchでプロアクティブな姿勢を維持する","WATCHでプロアクティブな姿勢を維持する",[12,608,609,610,613],{},"WATCHを構築したことで、チームの検知品質に対する姿勢が事後対応型からプロアクティブ型へと変わりました。WATCH導入以前には、検知の不具合はインシデントが発生して想定されるアラートが届かないときに初めて露見していました。これは、ギャップを発見するには最悪のタイミングです。今では検知の健全性について定期的な更新を受け取ることができ、実際に何かが起きる",[47,611,612],{},"前","に不具合を把握できます。新たな検知を開発しても、それが壊れたまま放置されることはないという安心感も生まれました。",[12,615,616],{},"WATCHのもうひとつのメリットは、レッドチームがフラッシュオペレーションを実施した際に使用した戦術・技術・手順（TTP）を記録できることです。検知を実装してペンテスト作業の事後分析を行った後、WATCHを使ってそれらの検知を検証するためにTTPを再実行することができます。本質的に、WATCHは検知のアトミックテストを再実行可能なTTPにします。",[27,618,620],{"id":619},"watchを試す","WATCHを試す",[12,622,623],{},"SOCを運営しSIEMの検知を頼りに脅威を捕捉しているなら、問うべきは「検知が壊れるかどうか」ではなく、「壊れたときに気づけるかどうか」です。この問いに答えるためにBASプラットフォームを購入する必要はありません。サンドボックス環境、CI/CDパイプライン、そして攻撃シミュレーションをスクリプト化するためのフレームワークがあれば、大きく前進できます。",[12,625,626,631],{},[40,627,630],{"href":628,"rel":629},"https://about.gitlab.com/ja-jp/free-trial/",[],"GitLab Ultimateの無料トライアル","に登録して、独自の検知テストフレームワークをぜひ構築してみてください。",[633,634,635],"style",{},"html pre.shiki code .sD7c4, html code.shiki .sD7c4{--shiki-default:#D73A49}html pre.shiki code .s7eDp, html code.shiki .s7eDp{--shiki-default:#6F42C1}html pre.shiki code .sgsFI, html code.shiki .sgsFI{--shiki-default:#24292E}html pre.shiki code .sYu0t, html code.shiki .sYu0t{--shiki-default:#005CC5}html pre.shiki code .sYBdl, html code.shiki .sYBdl{--shiki-default:#032F62}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}",{"title":158,"searchDepth":203,"depth":203,"links":637},[638,639,640,641,642,643,644],{"id":29,"depth":203,"text":29},{"id":60,"depth":203,"text":61},{"id":110,"depth":203,"text":111},{"id":161,"depth":203,"text":162},{"id":533,"depth":203,"text":533},{"id":605,"depth":203,"text":606},{"id":619,"depth":203,"text":620},"security-labs","2026-04-30","GitLabのSignals Engineeringチームが構築したWATCHフレームワークを通じて、セキュリティ監視パイプラインを継続的に検証する方法をご紹介します。","md",null,"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772195014/ooezwusxjl1f7ijfmbvj.png",{},"/ja-jp/blog/automated-detection-testing-framework",{"config":654,"title":656,"description":657,"ogImage":658},{"noIndex":655},false,"GitLab CI/CDとDuoで検知テストを自動化する","GitLabのSignals Engineingチームが構築したWATCHフレームワークを通じて、セキュリティ監視パイプラインを継続的に検証する方法をご紹介します。セキュリティ運用センター（SOC）の検知品質を維持するための実践的アプローチです。","https://res.cloudinary.com/about-gitlab-com/image/upload/f_auto,q_auto,c_lfill/v1772195014/ooezwusxjl1f7ijfmbvj.webp","automated-detection-testing-framework","ja-jp/blog/automated-detection-testing-framework",[662,663,664],"security","security research","features","BlogPost","2026-05-13","3iHZm6Wx9amVnwrJPNUQPnsLiTiJfv5DXp4TD37LCuE",{"logo":669,"freeTrial":674,"sales":679,"login":684,"items":689,"search":1006,"minimal":1039,"duo":1056,"switchNav":1065,"pricingDeployment":1076},{"config":670},{"href":671,"dataGaName":672,"dataGaLocation":673},"/ja-jp/","gitlab logo","header",{"text":675,"config":676},"無料トライアルを開始",{"href":677,"dataGaName":678,"dataGaLocation":673},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/ja-jp&glm_content=default-saas-trial/","free trial",{"text":680,"config":681},"お問い合わせはこちら",{"href":682,"dataGaName":683,"dataGaLocation":673},"/ja-jp/sales/","sales",{"text":685,"config":686},"サインイン",{"href":687,"dataGaName":688,"dataGaLocation":673},"https://gitlab.com/users/sign_in/","sign in",[690,719,821,826,930,986],{"text":691,"config":692,"menu":694},"プラットフォーム",{"dataNavLevelOne":693},"platform",{"type":695,"columns":696},"cards",[697,703,711],{"title":691,"description":698,"link":699},"DevSecOpsに特化したインテリジェントオーケストレーションプラットフォーム",{"text":700,"config":701},"プラットフォームの詳細はこちら",{"href":702,"dataGaName":693,"dataGaLocation":673},"/ja-jp/platform/",{"title":704,"description":705,"link":706},"GitLab Duo Agent Platform","ソフトウェアライフサイクル全体を支えるエージェント型AI",{"text":707,"config":708},"GitLab Duoのご紹介",{"href":709,"dataGaName":710,"dataGaLocation":673},"/ja-jp/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":712,"description":713,"link":714},"GitLabが選ばれる理由","エンタープライズがGitLabを選ぶ主な理由をご覧ください",{"text":715,"config":716},"詳細はこちら",{"href":717,"dataGaName":718,"dataGaLocation":673},"/ja-jp/why-gitlab/","why gitlab",{"text":720,"left":206,"config":721,"menu":723},"製品",{"dataNavLevelOne":722},"solutions",{"type":724,"link":725,"columns":729,"feature":800},"lists",{"text":726,"config":727},"すべてのソリューションを表示",{"href":728,"dataGaName":722,"dataGaLocation":673},"/ja-jp/solutions/",[730,755,778],{"title":731,"description":732,"link":733,"items":738},"自動化","CI/CDと自動化でデプロイを加速",{"config":734},{"icon":735,"href":736,"dataGaName":737,"dataGaLocation":673},"AutomatedCodeAlt","/ja-jp/solutions/delivery-automation/","automated software delivery",[739,743,746,751],{"text":740,"config":741},"CI/CD",{"href":742,"dataGaLocation":673,"dataGaName":740},"/ja-jp/solutions/continuous-integration/",{"text":704,"config":744},{"href":709,"dataGaLocation":673,"dataGaName":745},"gitlab duo agent platform - product menu",{"text":747,"config":748},"ソースコード管理",{"href":749,"dataGaLocation":673,"dataGaName":750},"/ja-jp/solutions/source-code-management/","Source Code Management",{"text":752,"config":753},"自動化されたソフトウェアデリバリー",{"href":736,"dataGaLocation":673,"dataGaName":754},"Automated software delivery",{"title":756,"description":757,"link":758,"items":763},"セキュリティ","セキュリティを犠牲にすることなくコード作成を高速化",{"config":759},{"href":760,"dataGaName":761,"dataGaLocation":673,"icon":762},"/ja-jp/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[764,768,773],{"text":765,"config":766},"アプリケーションセキュリティテスト",{"href":760,"dataGaName":767,"dataGaLocation":673},"Application security testing",{"text":769,"config":770},"ソフトウェアサプライチェーンセキュリティ",{"href":771,"dataGaLocation":673,"dataGaName":772},"/ja-jp/solutions/supply-chain/","Software supply chain security",{"text":774,"config":775},"ソフトウェアコンプライアンス",{"href":776,"dataGaName":777,"dataGaLocation":673},"/ja-jp/solutions/software-compliance/","software compliance",{"title":779,"link":780,"items":785},"測定",{"config":781},{"icon":782,"href":783,"dataGaName":784,"dataGaLocation":673},"DigitalTransformation","/ja-jp/solutions/visibility-measurement/","visibility and measurement",[786,790,795],{"text":787,"config":788},"可視性と測定",{"href":783,"dataGaLocation":673,"dataGaName":789},"Visibility and Measurement",{"text":791,"config":792},"バリューストリーム管理",{"href":793,"dataGaLocation":673,"dataGaName":794},"/ja-jp/solutions/value-stream-management/","Value Stream Management",{"text":796,"config":797},"分析とインサイト",{"href":798,"dataGaLocation":673,"dataGaName":799},"/ja-jp/solutions/analytics-and-insights/","Analytics and insights",{"title":801,"type":724,"items":802},"GitLabが活躍する場所",[803,809,815],{"text":804,"config":805},"大企業",{"icon":806,"href":807,"dataGaLocation":673,"dataGaName":808},"Building","/ja-jp/enterprise/","enterprise",{"text":810,"config":811},"スモールビジネス",{"icon":812,"href":813,"dataGaLocation":673,"dataGaName":814},"Work","/ja-jp/small-business/","small business",{"text":816,"config":817},"公共部門",{"icon":818,"href":819,"dataGaLocation":673,"dataGaName":820},"Organization","/ja-jp/solutions/public-sector/","public sector",{"text":822,"config":823},"価格",{"href":824,"dataGaName":825,"dataGaLocation":673,"dataNavLevelOne":825},"/ja-jp/pricing/","pricing",{"text":827,"config":828,"menu":830},"関連リソース",{"dataNavLevelOne":829},"resources",{"type":724,"link":831,"columns":835,"feature":919},{"text":832,"config":833},"すべてのリソースを表示",{"href":834,"dataGaName":829,"dataGaLocation":673},"/ja-jp/resources/",[836,869,891],{"title":837,"items":838},"はじめに",[839,844,849,854,859,864],{"text":840,"config":841},"インストール",{"href":842,"dataGaName":843,"dataGaLocation":673},"/ja-jp/install/","install",{"text":845,"config":846},"クイックスタートガイド",{"href":847,"dataGaName":848,"dataGaLocation":673},"/ja-jp/get-started/","quick setup checklists",{"text":850,"config":851},"学ぶ",{"href":852,"dataGaLocation":673,"dataGaName":853},"https://university.gitlab.com/","learn",{"text":855,"config":856},"製品ドキュメント",{"href":857,"dataGaName":858,"dataGaLocation":673},"https://docs.gitlab.com/","product documentation",{"text":860,"config":861},"ベストプラクティスビデオ",{"href":862,"dataGaName":863,"dataGaLocation":673},"/ja-jp/getting-started-videos/","best practice videos",{"text":865,"config":866},"インテグレーション",{"href":867,"dataGaName":868,"dataGaLocation":673},"/ja-jp/integrations/","integrations",{"title":870,"items":871},"検索する",[872,877,882,886],{"text":873,"config":874},"お客様成功事例",{"href":875,"dataGaName":876,"dataGaLocation":673},"/ja-jp/customers/","customer success stories",{"text":878,"config":879},"ブログ",{"href":880,"dataGaName":881,"dataGaLocation":673},"/ja-jp/blog/","blog",{"text":883,"config":884},"The Source",{"href":885,"dataGaName":881,"dataGaLocation":673},"/ja-jp/the-source/",{"text":887,"config":888},"リモート",{"href":889,"dataGaName":890,"dataGaLocation":673},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":892,"items":893},"つなげる",[894,899,904,909,914],{"text":895,"config":896},"GitLabサービス",{"href":897,"dataGaName":898,"dataGaLocation":673},"/ja-jp/services/","services",{"text":900,"config":901},"コミュニティ",{"href":902,"dataGaName":903,"dataGaLocation":673},"/community/","community",{"text":905,"config":906},"フォーラム",{"href":907,"dataGaName":908,"dataGaLocation":673},"https://forum.gitlab.com/","forum",{"text":910,"config":911},"イベント",{"href":912,"dataGaName":913,"dataGaLocation":673},"/events/","events",{"text":915,"config":916},"パートナー",{"href":917,"dataGaName":918,"dataGaLocation":673},"/ja-jp/partners/","partners",{"config":920,"title":923,"text":924,"link":925},{"background":921,"textColor":922},"url('https://res.cloudinary.com/about-gitlab-com/image/upload/v1777322348/qpq8yrgn8knii57omj0c.png')","#000","GitLabの最新情報","最新の機能と改善点に関する情報をお届けします。",{"text":926,"config":927},"最新情報を読む",{"href":928,"dataGaName":929,"dataGaLocation":673},"/ja-jp/whats-new/","whats new",{"text":931,"config":932,"menu":934},"企業情報",{"dataNavLevelOne":933},"company",{"type":724,"columns":935},[936],{"items":937},[938,943,949,951,956,961,966,971,976,981],{"text":939,"config":940},"GitLabについて",{"href":941,"dataGaName":942,"dataGaLocation":673},"/ja-jp/company/","about",{"text":944,"config":945,"footerGa":948},"採用情報",{"href":946,"dataGaName":947,"dataGaLocation":673},"/jobs/","jobs",{"dataGaName":947},{"text":910,"config":950},{"href":912,"dataGaName":913,"dataGaLocation":673},{"text":952,"config":953},"経営陣",{"href":954,"dataGaName":955,"dataGaLocation":673},"/company/team/e-group/","leadership",{"text":957,"config":958},"ハンドブック",{"href":959,"dataGaName":960,"dataGaLocation":673},"https://handbook.gitlab.com/","handbook",{"text":962,"config":963},"投資家向け情報",{"href":964,"dataGaName":965,"dataGaLocation":673},"https://ir.gitlab.com/","investor relations",{"text":967,"config":968},"トラストセンター",{"href":969,"dataGaName":970,"dataGaLocation":673},"/ja-jp/security/","trust center",{"text":972,"config":973},"AI Transparency Center",{"href":974,"dataGaName":975,"dataGaLocation":673},"/ja-jp/ai-transparency-center/","ai transparency center",{"text":977,"config":978},"ニュースレター",{"href":979,"dataGaName":980,"dataGaLocation":673},"/company/contact/#contact-forms","newsletter",{"text":982,"config":983},"プレス",{"href":984,"dataGaName":985,"dataGaLocation":673},"/press/","press",{"text":987,"config":988,"menu":989},"お問い合わせ",{"dataNavLevelOne":933},{"type":724,"columns":990},[991],{"items":992},[993,996,1001],{"text":680,"config":994},{"href":682,"dataGaName":995,"dataGaLocation":673},"talk to sales",{"text":997,"config":998},"サポートを受ける",{"href":999,"dataGaName":1000,"dataGaLocation":673},"https://support.gitlab.com","support portal",{"text":1002,"config":1003},"カスタマーポータル",{"href":1004,"dataGaName":1005,"dataGaLocation":673},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":1007,"login":1008,"suggestions":1015},"閉じる",{"text":1009,"link":1010},"リポジトリとプロジェクトを検索するには、次にログインします",{"text":1011,"config":1012},"GitLab.com",{"href":687,"dataGaName":1013,"dataGaLocation":1014},"search login","search",{"text":1016,"default":1017},"提案",[1018,1020,1025,1027,1031,1035],{"text":704,"config":1019},{"href":709,"dataGaName":704,"dataGaLocation":1014},{"text":1021,"config":1022},"コード提案（AI）",{"href":1023,"dataGaName":1024,"dataGaLocation":1014},"/ja-jp/solutions/code-suggestions/","Code Suggestions (AI)",{"text":740,"config":1026},{"href":742,"dataGaName":740,"dataGaLocation":1014},{"text":1028,"config":1029},"GitLab on AWS",{"href":1030,"dataGaName":1028,"dataGaLocation":1014},"/ja-jp/partners/technology-partners/aws/",{"text":1032,"config":1033},"GitLab on Google Cloud",{"href":1034,"dataGaName":1032,"dataGaLocation":1014},"/ja-jp/partners/technology-partners/google-cloud-platform/",{"text":1036,"config":1037},"GitLabを選ぶ理由",{"href":717,"dataGaName":1038,"dataGaLocation":1014},"Why GitLab?",{"freeTrial":1040,"mobileIcon":1044,"desktopIcon":1049,"secondaryButton":1052},{"text":675,"config":1041},{"href":1042,"dataGaName":678,"dataGaLocation":1043},"https://gitlab.com/-/trials/new/","nav",{"altText":1045,"config":1046},"GitLabアイコン",{"src":1047,"dataGaName":1048,"dataGaLocation":1043},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":1045,"config":1050},{"src":1051,"dataGaName":1048,"dataGaLocation":1043},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":837,"config":1053},{"href":1054,"dataGaName":1055,"dataGaLocation":1043},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/ja-jp/get-started/","get started",{"freeTrial":1057,"mobileIcon":1061,"desktopIcon":1063},{"text":1058,"config":1059},"GitLab Duoの詳細について",{"href":709,"dataGaName":1060,"dataGaLocation":1043},"gitlab duo",{"altText":1045,"config":1062},{"src":1047,"dataGaName":1048,"dataGaLocation":1043},{"altText":1045,"config":1064},{"src":1051,"dataGaName":1048,"dataGaLocation":1043},{"button":1066,"mobileIcon":1071,"desktopIcon":1073},{"text":1067,"config":1068},"/switch",{"href":1069,"dataGaName":1070,"dataGaLocation":1043},"#contact","switch",{"altText":1045,"config":1072},{"src":1047,"dataGaName":1048,"dataGaLocation":1043},{"altText":1045,"config":1074},{"src":1075,"dataGaName":1048,"dataGaLocation":1043},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1773335277/ohhpiuoxoldryzrnhfrh.png",{"freeTrial":1077,"mobileIcon":1082,"desktopIcon":1084},{"text":1078,"config":1079},"料金ページに戻る",{"href":824,"dataGaName":1080,"dataGaLocation":1043,"icon":1081},"back to pricing","GoBack",{"altText":1045,"config":1083},{"src":1047,"dataGaName":1048,"dataGaLocation":1043},{"altText":1045,"config":1085},{"src":1051,"dataGaName":1048,"dataGaLocation":1043},{"title":1087,"button":1088,"config":1093},"エージェント型AIがソフトウェアデリバリーをどのように変革するかをご覧ください",{"text":1089,"config":1090},"6月18日のGitLab Transcend日本開催版に申し込む",{"href":1091,"dataGaName":1092,"dataGaLocation":673},"/ja-jp/events/transcend/virtual/","transcend event",{"layout":1094,"disabled":655},"release",{"data":1096},{"text":1097,"source":1098,"edit":1104,"contribute":1109,"config":1114,"items":1119,"minimal":1327},"GitはSoftware Freedom Conservancyの商標です。当社は「GitLab」をライセンスに基づいて使用しています",{"text":1099,"config":1100},"ページのソースを表示",{"href":1101,"dataGaName":1102,"dataGaLocation":1103},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":1105,"config":1106},"このページを編集",{"href":1107,"dataGaName":1108,"dataGaLocation":1103},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":1110,"config":1111},"ご協力をお願いします",{"href":1112,"dataGaName":1113,"dataGaLocation":1103},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":1115,"facebook":1116,"youtube":1117,"linkedin":1118},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[1120,1165,1218,1262,1294],{"title":822,"links":1121,"subMenu":1136},[1122,1126,1131],{"text":1123,"config":1124},"プランの表示",{"href":824,"dataGaName":1125,"dataGaLocation":1103},"view plans",{"text":1127,"config":1128},"Premiumを選ぶ理由",{"href":1129,"dataGaName":1130,"dataGaLocation":1103},"/ja-jp/pricing/premium/","why premium",{"text":1132,"config":1133},"Ultimateを選ぶ理由",{"href":1134,"dataGaName":1135,"dataGaLocation":1103},"/ja-jp/pricing/ultimate/","why ultimate",[1137],{"title":987,"links":1138},[1139,1141,1143,1145,1150,1155,1160],{"text":987,"config":1140},{"href":682,"dataGaName":683,"dataGaLocation":1103},{"text":997,"config":1142},{"href":999,"dataGaName":1000,"dataGaLocation":1103},{"text":1002,"config":1144},{"href":1004,"dataGaName":1005,"dataGaLocation":1103},{"text":1146,"config":1147},"ステータス",{"href":1148,"dataGaName":1149,"dataGaLocation":1103},"https://status.gitlab.com/","status",{"text":1151,"config":1152},"利用規約",{"href":1153,"dataGaName":1154,"dataGaLocation":1103},"/terms/","terms of use",{"text":1156,"config":1157},"プライバシーに関する声明",{"href":1158,"dataGaName":1159,"dataGaLocation":1103},"/ja-jp/privacy/","privacy statement",{"text":1161,"config":1162},"Cookie 優先設定",{"dataGaName":1163,"dataGaLocation":1103,"id":1164,"isOneTrustButton":206},"cookie preferences","ot-sdk-btn",{"title":720,"links":1166,"subMenu":1175},[1167,1171],{"text":1168,"config":1169},"DevSecOpsプラットフォーム",{"href":702,"dataGaName":1170,"dataGaLocation":1103},"devsecops platform",{"text":1172,"config":1173},"AI支援開発",{"href":709,"dataGaName":1174,"dataGaLocation":1103},"ai-assisted development",[1176],{"title":1177,"links":1178},"トピック",[1179,1183,1188,1193,1198,1203,1208,1213],{"text":740,"config":1180},{"href":1181,"dataGaName":1182,"dataGaLocation":1103},"/ja-jp/topics/ci-cd/","cicd",{"text":1184,"config":1185},"GitOps",{"href":1186,"dataGaName":1187,"dataGaLocation":1103},"/ja-jp/topics/gitops/","gitops",{"text":1189,"config":1190},"DevOps",{"href":1191,"dataGaName":1192,"dataGaLocation":1103},"/ja-jp/topics/devops/","devops",{"text":1194,"config":1195},"バージョン管理",{"href":1196,"dataGaName":1197,"dataGaLocation":1103},"/ja-jp/topics/version-control/","version control",{"text":1199,"config":1200},"DevSecOps",{"href":1201,"dataGaName":1202,"dataGaLocation":1103},"/ja-jp/topics/devsecops/","devsecops",{"text":1204,"config":1205},"クラウドネイティブ",{"href":1206,"dataGaName":1207,"dataGaLocation":1103},"/ja-jp/topics/cloud-native/","cloud native",{"text":1209,"config":1210},"コーディングのためのAI",{"href":1211,"dataGaName":1212,"dataGaLocation":1103},"/ja-jp/topics/devops/ai-for-coding/","ai for coding",{"text":1214,"config":1215},"エージェント型AI",{"href":1216,"dataGaName":1217,"dataGaLocation":1103},"/ja-jp/topics/agentic-ai/","agentic ai",{"title":1219,"links":1220},"ソリューション",[1221,1224,1226,1231,1235,1238,1241,1244,1247,1249,1252,1257],{"text":765,"config":1222},{"href":760,"dataGaName":1223,"dataGaLocation":1103},"Application Security Testing",{"text":752,"config":1225},{"href":736,"dataGaName":737,"dataGaLocation":1103},{"text":1227,"config":1228},"アジャイル開発",{"href":1229,"dataGaName":1230,"dataGaLocation":1103},"/ja-jp/solutions/agile-delivery/","agile delivery",{"text":1232,"config":1233},"SCM",{"href":749,"dataGaName":1234,"dataGaLocation":1103},"source code management",{"text":740,"config":1236},{"href":742,"dataGaName":1237,"dataGaLocation":1103},"continuous integration & delivery",{"text":791,"config":1239},{"href":793,"dataGaName":1240,"dataGaLocation":1103},"value stream management",{"text":1184,"config":1242},{"href":1243,"dataGaName":1187,"dataGaLocation":1103},"/ja-jp/solutions/gitops/",{"text":1245,"config":1246},"エンタープライズ",{"href":807,"dataGaName":808,"dataGaLocation":1103},{"text":810,"config":1248},{"href":813,"dataGaName":814,"dataGaLocation":1103},{"text":1250,"config":1251},"公共機関",{"href":819,"dataGaName":820,"dataGaLocation":1103},{"text":1253,"config":1254},"教育",{"href":1255,"dataGaName":1256,"dataGaLocation":1103},"/ja-jp/solutions/education/","education",{"text":1258,"config":1259},"金融サービス",{"href":1260,"dataGaName":1261,"dataGaLocation":1103},"/ja-jp/solutions/finance/","financial services",{"title":1263,"links":1264},"リソース",[1265,1267,1269,1271,1275,1277,1280,1282,1284,1286,1288,1290,1292],{"text":840,"config":1266},{"href":842,"dataGaName":843,"dataGaLocation":1103},{"text":845,"config":1268},{"href":847,"dataGaName":848,"dataGaLocation":1103},{"text":850,"config":1270},{"href":852,"dataGaName":853,"dataGaLocation":1103},{"text":855,"config":1272},{"href":1273,"dataGaName":1274,"dataGaLocation":1103},"https://docs.gitlab.com/ja-jp/","docs",{"text":878,"config":1276},{"href":880,"dataGaName":881,"dataGaLocation":1103},{"text":1278,"config":1279},"新着情報",{"href":928,"dataGaName":929,"dataGaLocation":1103},{"text":873,"config":1281},{"href":875,"dataGaName":876,"dataGaLocation":1103},{"text":887,"config":1283},{"href":889,"dataGaName":890,"dataGaLocation":1103},{"text":895,"config":1285},{"href":897,"dataGaName":898,"dataGaLocation":1103},{"text":900,"config":1287},{"href":902,"dataGaName":903,"dataGaLocation":1103},{"text":905,"config":1289},{"href":907,"dataGaName":908,"dataGaLocation":1103},{"text":910,"config":1291},{"href":912,"dataGaName":913,"dataGaLocation":1103},{"text":915,"config":1293},{"href":917,"dataGaName":918,"dataGaLocation":1103},{"title":1295,"links":1296},"会社情報",[1297,1299,1301,1303,1305,1307,1311,1316,1318,1320,1322],{"text":939,"config":1298},{"href":941,"dataGaName":933,"dataGaLocation":1103},{"text":944,"config":1300},{"href":946,"dataGaName":947,"dataGaLocation":1103},{"text":952,"config":1302},{"href":954,"dataGaName":955,"dataGaLocation":1103},{"text":957,"config":1304},{"href":959,"dataGaName":960,"dataGaLocation":1103},{"text":962,"config":1306},{"href":964,"dataGaName":965,"dataGaLocation":1103},{"text":1308,"config":1309},"Sustainability",{"href":1310,"dataGaName":1308,"dataGaLocation":1103},"/sustainability/",{"text":1312,"config":1313},"ダイバーシティ、インクルージョン、ビロンギング（DIB）",{"href":1314,"dataGaName":1315,"dataGaLocation":1103},"/ja-jp/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":967,"config":1317},{"href":969,"dataGaName":970,"dataGaLocation":1103},{"text":977,"config":1319},{"href":979,"dataGaName":980,"dataGaLocation":1103},{"text":982,"config":1321},{"href":984,"dataGaName":985,"dataGaLocation":1103},{"text":1323,"config":1324},"現代奴隷制の透明性に関する声明",{"href":1325,"dataGaName":1326,"dataGaLocation":1103},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":1328},[1329,1331,1334],{"text":1151,"config":1330},{"href":1153,"dataGaName":1154,"dataGaLocation":1103},{"text":1332,"config":1333},"Cookieの設定",{"dataGaName":1163,"dataGaLocation":1103,"id":1164,"isOneTrustButton":206},{"text":1156,"config":1335},{"href":1158,"dataGaName":1159,"dataGaLocation":1103},[1337],{"id":1338,"title":7,"body":649,"config":1339,"content":1341,"description":649,"extension":1346,"meta":1347,"navigation":206,"path":1348,"seo":1349,"stem":1350,"__hash__":1351},"blogAuthors/en-us/blog/authors/evan-baltman.yml",{"template":1340},"BlogAuthor",{"name":7,"config":1342},{"headshot":1343,"socialProof":1344},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1777579628/fkgn1kh0c1ndgba9yrkq.png",{"gitlabHandle":1345},"ebaltman","yml",{},"/en-us/blog/authors/evan-baltman",{},"en-us/blog/authors/evan-baltman","lIHS0uxztwtRrA-cy594VFaaYQp9r_oqQeUFF1B8eTU",[1353,1362,1369],{"title":1354,"description":1355,"heroImage":1356,"category":645,"date":1357,"authors":1358,"slug":1361,"externalUrl":649},"PyPIタイポスクワッティングを悪用したShai-Hulud模倣攻撃、Python開発者を狙う","GitLabの脆弱性リサーチチームが、PyPIを標的とした新たなPythonサプライチェーン攻撃を発見しました。悪意あるパッケージがShai-Huludワームを展開し、主要なクラウドプロバイダーのCI/CDシステムから認証情報を窃取します。","https://res.cloudinary.com/about-gitlab-com/image/upload/v1772630163/akp8ly2mrsfrhsb0liyb.png","2026-06-09",[1359,1360],"Dinesh Bolkensteyn","Daniel Abeles","shai-hulud-copycat-campaign-targets-python-developers",{"title":1363,"description":1364,"heroImage":1356,"category":645,"date":1365,"authors":1366,"slug":1368,"externalUrl":649},"3月のサプライチェーン攻撃から学ぶパイプラインセキュリティ","2026年3月、Trivy・Checkmarx KICS・LiteLLM・axiosが次々と侵害されました。GitLabの集中管理されたパイプライン実行ポリシーが、これらのサプライチェーン攻撃パターンをどのように検出・ブロックできるかをご紹介します。","2026-04-07",[1367],"Grant Hickman","pipeline-security-lessons-from-march-supply-chain-incidents",{"title":1370,"description":1371,"heroImage":1372,"category":645,"date":1373,"authors":1374,"slug":1376,"externalUrl":649},"GitLabがnpmサプライチェーンへの大規模攻撃を発見","攻撃を引き起こすマルウェアには、ユーザーデータを破壊する「デッドマンスイッチ」が含まれています。","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749665667/Blog/Hero%20Images/built-in-security.jpg","2025-11-24",[1375,1360],"Michael Henriksen","gitlab-discovers-widespread-npm-supply-chain-attack",{"promotions":1378},[1379,1393,1405,1416],{"id":1380,"categories":1381,"header":1383,"text":1384,"button":1385,"image":1390},"ai-modernization",[1382],"ai","AIの真価、組織全体で発揮できていますか？","所要時間は5分以内です",{"text":1386,"config":1387},"AI成熟度スコアを確認する",{"href":1388,"dataGaName":1389,"dataGaLocation":881},"/ja-jp/assessments/ai-modernization-assessment/","modernization assessment",{"config":1391},{"src":1392},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":1394,"categories":1395,"header":1397,"text":1384,"button":1398,"image":1402},"devops-modernization",[1396,1202],"product","単にツールを管理するだけでなく、イノベーションを提供していますか？",{"text":1399,"config":1400},"DevOps成熟度スコアを確認しましょう",{"href":1401,"dataGaName":1389,"dataGaLocation":881},"/ja-jp/assessments/devops-modernization-assessment/",{"config":1403},{"src":1404},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":1406,"categories":1407,"header":1408,"text":1384,"button":1409,"image":1413},"security-modernization",[662],"スピードのためにセキュリティを犠牲にしていませんか？",{"text":1410,"config":1411},"セキュリティ成熟度スコアを確認しましょう",{"href":1412,"dataGaName":1389,"dataGaLocation":881},"/ja-jp/assessments/security-modernization-assessment/",{"config":1414},{"src":1415},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"id":1417,"paths":1418,"header":1421,"text":1422,"button":1423,"image":1428},"github-azure-migration",[1419,1420],"migration-from-azure-devops-to-gitlab","integrating-azure-devops-scm-and-gitlab","チームはGitHubのAzure移行に対応できていますか？","GitHubはすでにAzureを基盤として再構築を進めています。それがあなたのチームにとって何を意味するのか、ご確認ください。",{"text":1424,"config":1425},"GitLabとGitHubの比較を見る",{"href":1426,"dataGaName":1427,"dataGaLocation":881},"/ja-jp/compare/gitlab-vs-github/github-azure-migration/","github azure migration",{"config":1429},{"src":1404},{"header":1431,"blurb":1432,"button":1433,"secondaryButton":1437},"今すぐ開発をスピードアップ","DevSecOpsに特化したインテリジェントオーケストレーションプラットフォームで実現できることをご確認ください。\n",{"text":675,"config":1434},{"href":1435,"dataGaName":678,"dataGaLocation":1436},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/ja-jp/","feature",{"text":987,"config":1438},{"href":682,"dataGaName":683,"dataGaLocation":1436},1781392784187]