BlogSecurity17

Browse articles from Security

Recent posts

Security

Updates regarding Rubygems ‘Unauthorized gem takeover for some gems’ vulnerability CVE-2022-29176

Actions we've taken to investigate the Rubygems takeover vulnerability.

Security

Updates regarding Spring remote code execution vulnerabilities CVE-2022-22965 and CVE-2022-22963

Actions we've taken to investigate the Spring RCE vulnerabilities.

Security

How to ensure separation of duties and enforce compliance with GitLab

Use your DevSecOps platform to help maintain compliance without compromising on development speed.

Security

Comply with NIST's secure software supply chain framework with GitLab

The U.S. government's Secure Software Development Framework has four key practices. GitLab's DevOps platform has features to address them all.

Security

How GitLab's integration with Rezilion reduces vulnerability backlog and identifies exploitable risks

The native integration helps developers detect and remediate vulnerabilities that are exploitable early on in the development process.

Security

Action we've taken in response to a potential Okta breach

Actions we've taken to investigate a potential Okta breach.

Security

Security hygiene best practices for GitLab users

Security hygiene measures that GitLab.com and Self-managed users should consider implementing.

Security

How GitLab handles security bugs (and why it matters)

Learn what makes our approach to handling and transparently disclosing security bugs unique.

Security

Introducing a community-driven advisory database for third-party software dependencies

The advisory data can be readily adopted, adapted, and exchanged. Learn more here.

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert