BlogSecurity19

Browse articles from Security

Recent posts

Security

Three things you might not know about GitLab security

There's so much more to GitLab's security offering than meets the eye. Here are three features you may have missed.

Security

Deep dive: the tech stack behind Spamcheck

We take a closer look at the tooling, technical choices, metrics and lessons learned behind our new anti-abuse tool.

Security

Top five actions engineers should take based on the OWASP Top 10 2021 security updates

Learn what actions engineers should take based on the OWASP Top 10 updates for 2021

Security

Action needed by self-managed customers in response to CVE-2021-22205

Self-managed users using outdated versions should update immediately.

Security

Our 3rd annual bug bounty contest: the swagtastic sequel to the sequel

We’re running a bug bounty contest November 1 thru December 3. Find a bug and be entered to win some sweet custom swag. What’s better than a contest? Increased bounty ranges!

Security

How we’re using DAST 2 for easier scan configuration and reduced noise

Our security team upgraded to GitLab’s DAST 2. Here’s how and why we did it.

Security

Notice for GitKraken users with GitLab

How we responded to Axosoft’s GitKraken software vulnerability affecting SSH keys and actions users should take.

Security

Threat modeling the Kubernetes Agent: from MVC to continuous improvement

Learn how we put our threat model into action iteratively and expanded the process into a full-fledged standalone activity.

Security

SemVer versioning: how we handled it with linear interval arithmetic

SemVer versioning made it difficult to automate processing. We turned to linear interval arithmetic to come up with a unified, language-agnostic semantic versioning approach.

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert