[{"data":1,"prerenderedAt":770},["ShallowReactive",2],{"/en-us/blog/a-developers-guide-to-building-secure-retail-apps-with-gitlab":3,"navigation-en-us":35,"banner-en-us":462,"footer-en-us":479,"Itzik Gan Baruch-Rebeca Fenoy-Anthony":724,"next-steps-en-us":748,"footer-source-/en-us/blog/a-developers-guide-to-building-secure-retail-apps-with-gitlab/":763},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"seo":8,"content":12,"config":24,"_id":28,"_type":29,"title":30,"_source":31,"_file":32,"_stem":33,"_extension":34},"/en-us/blog/a-developers-guide-to-building-secure-retail-apps-with-gitlab","blog",false,"",{"config":9,"title":10,"description":11},{"noIndex":6},"A developer's guide to building secure retail apps with GitLab","Learn how a DevSecOps platform helps retailers develop secure, compliant software for complex, high-traffic retail environments.",{"title":10,"description":11,"authors":13,"body":16,"category":17,"tags":18,"date":22,"heroImage":23},[14,15],"Itzik Gan Baruch","Rebeca Fenoy-Anthony","Retailers often find application security challenging — in large part because the **attack surface is broader than ever** due to the complexity of modern commerce. From mobile apps and AI-powered personalization to omni-channel platforms and in-store IoT, every touchpoint increases the number of systems that must be secured and monitored. A single vulnerability doesn’t just affect one component, it can cascade across payment processors, inventory systems, customer data, and ultimately, brand trust.\n\nTraditional security approaches that once worked in simpler retail environments now struggle to keep up. Security processes are often bolted on as an afterthought, slowing teams down and increasing risk. But it doesn’t have to be this way.\n\n**Modern platforms embed security throughout the development lifecycle,** making protection a seamless part of the developer workflow, not a barrier to delivery. This approach turns security into a strategic advantage, enabling innovation without compromising resilience.\n\nIn this article, you'll discover how an integrated DevSecOps platform helps retail teams meet rising security demands **without slowing down delivery or compromising customer experience**.\n\n## Why retail security demands a different approach\n\nIn retail, security is about more than protecting data — it’s about protecting the customer experience that drives revenue. Any slowdown, outage, or vulnerability can lead to lost sales and broken trust. Retail platforms must stay online, meet compliance standards, and defend against nonstop attacks from the open internet. Unlike enterprise systems, they’re fully public-facing, with a much broader attack surface. Add in third-party integrations, APIs, and legacy systems, and it’s clear: traditional security approaches aren’t enough.\n\nAdding to the complexity, retailers face a unique set of challenges that further increase their security risks, including:\n\n### Supply chain fragility and API sprawl\n\nShipping delays, global instability, and interconnected systems disrupt logistics. Nearly half of retailers report product availability issues, and 25% lack real-time inventory visibility, according to a [2024 Fluent Commerce survey](https://premierconstructionnews.com/2024/05/25/retails-revival-fluent-commerce-study-finds-93-of-uk-retailers-expect-business-growth-over-next-year-despite-economic-challenges-and-supply-chain-disruption/). While AI-powered forecasting helps, insecure APIs and fragile integrations across the digital supply chain create attack vectors.\n\n### Legacy systems meet modern demands\n\nMany retailers operate on monolithic, outdated systems that struggle to support mobile apps, IoT devices, and real-time analytics securely. Without secure, agile foundations, each new digital touchpoint becomes a potential vulnerability.\n\n### AI and compliance complexity\n\nAI reshapes retail experiences through personalized recommendations and advanced customer tracking technologies like beacon sensors, facial recognition, and mobile app location services that monitor movement and behavior within physical stores. These AI-powered systems enhance both customer experiences and demand forecasting capabilities for retailers. However, [GDPR](https://gdpr.eu/what-is-gdpr/) (the European Union's General Data Protection Regulation) and similar global privacy laws require secure data handling and transparent AI logic. Security missteps can result in significant fines and lasting reputational damage.\n\n### Customer-facing automation risks\n\nSelf-checkouts, kiosks, and chatbots promise convenience and cost savings but often lack security hardening. These touchpoints become entry points for cyber attackers and enable traditional theft through weak fraud detection, limited monitoring, and easily manipulated systems that make shoplifting harder to detect.\n\n### Disparate threat surfaces\n\nRetailers are in a unique position where they must secure across multiple vectors, often maintained by globally distributed teams (depending on the size of the organization). E-commerce platforms, mobile applications, point-of-sale (POS) systems, and in-store IoT devices all provide an entry point for threat actors with unique characteristics requiring different security solutions to ensure resiliency.\n\nThis creates a unique paradox: Retailers must innovate faster than ever while maintaining higher security standards than most industries, all while delivering seamless customer experiences across every channel.\n\n## Why traditional AppSec falls short in retail\n\nMost retailers rely on disconnected security tools such as static application security testing (SAST) scanners, license checkers, and vulnerability assessments that work in isolation. This fragmented approach creates critical gaps:\n\n* **Limited lifecycle coverage:** Tools focus on narrow development phases, missing supply chain and runtime risks.\n \n* **Integration challenges:** Legacy system gaps and poor tool connectivity create security blind spots between teams and solutions.\n  \n* **Manual processes:** Security handoffs create bottlenecks, and issues are often discovered late, when they’re more costly to fix.\n  \n* **Team silos:** Security remains isolated from daily development workflows and separate from compliance and IT teams.\n\n### The path forward\n\nIn today’s fast-paced retail landscape, security can’t slow down innovation. Embedding it directly into the development lifecycle and bringing every team together on a single unified DevSecOps platform makes security a strategic advantage rather than a bottleneck.\n\n### A DevSecOps platform enables secure innovation at scale\n\nGitLab provides the most comprehensive set of security scanners to maximize application coverage, including:\n\n* [SAST](https://docs.gitlab.com/user/application_security/sast/)  \n* [DAST](https://docs.gitlab.com/user/application_security/dast/)  \n* [Dependency scanning](https://docs.gitlab.com/user/application_security/dependency_scanning/dependency_scanning_sbom/) \n* [Container scanning](https://docs.gitlab.com/user/application_security/container_scanning/)  \n* [Secret detection](https://docs.gitlab.com/user/application_security/secret_detection/)  \n* [Infrastructure-as-code scanning](https://docs.gitlab.com/user/application_security/iac_scanning/)  \n* [Fuzz testing](https://docs.gitlab.com/user/application_security/api_fuzzing/)\n\nBut security isn’t just about scanning. It's about [enforcing the right policies](https://docs.gitlab.com/user/compliance/compliance_frameworks/) to ensure vulnerabilities are identified and remediated consistently. With GitLab, security teams get full control to ensure the right scan is run on the right application, at the right time, and that the findings are addressed before they reach production.\n\n![Security scans in pipeline](https://res.cloudinary.com/about-gitlab-com/image/upload/v1756988740/x2dteagn1z8tjfahmobv.png)\n\n\u003Ccenter>\u003Ci>Security scans run in the CI/CD pipeline, ensuring immediate feedback on potential vulnerabilities.\u003C/i>\u003C/center>\n\u003Cp>\u003C/p>\n\n![Vulnerability Report shows all vulnerabilities for a specific project or group.](https://res.cloudinary.com/about-gitlab-com/image/upload/v1756988740/npsgvu5e0sd2kpoxug7f.png)\n\n\u003Ccenter>\u003Ci>Vulnerability Report shows all vulnerabilities for a specific project or group.\u003C/i>\u003C/center>\n\n### One platform for Dev, Sec, and Ops\n\nRetail teams waste countless hours switching between tools, manually transferring data, losing information between systems due to fragile integrations, and reconciling conflicting reports. A unified platform eliminates this friction:\n\n* **Single source of truth** for source code, pipelines, vulnerabilities, and compliance  \n* **No integration overhead** or tool compatibility issues  \n* **Consistent workflows** across all teams and projects\n\nThe result? Teams spend time solving problems instead of managing tools.\n\n![Compliance center where you can enforce compliance frameworks for your projects.](https://res.cloudinary.com/about-gitlab-com/image/upload/v1756988739/d2nzltd1a2gypywzhv5f.png)\n\n\u003Ccenter>\u003Ci>The compliance center is where you can enforce compliance frameworks for your projects.\u003C/i>\u003C/center>\n\u003Cp>\u003C/p>\n\n\n![In the merge request, developers require approval if risks are detected before merging code, according to defined policies.](https://res.cloudinary.com/about-gitlab-com/image/upload/v1756988740/szoocztazaup2avkaxhu.png)\n\n\u003Ccenter>\u003Ci>In the merge request, developers require approval if risks are detected before merging code, according to defined policies.\u003C/i>\u003C/center>\n\n### Shared security responsibility, not silos\n\nThe most successful retail security programs make security everyone's responsibility, not just the security team's burden.\n\n**Developer empowerment**\n\nSecurity and compliance guidance appears directly in merge requests, making it impossible to miss critical issues. Developers get immediate feedback on each commit, with clear explanations of risks and remediation steps. For example,  AI-powered vulnerability explanation and vulnerability resolution help developers understand and fix security issues independently, reducing bottlenecks and building security expertise across the team.\n\n![Vulnerability page with a button for explaining or resolving issues with AI. Helps to bridge the knowledge gap with AI.](https://res.cloudinary.com/about-gitlab-com/image/upload/v1756988741/uenrjye3arfg9wjtwss1.png)\n\n\u003Ccenter>\u003Ci>Vulnerability page with a button for explaining or resolving issues with AI. Helps to bridge the knowledge gap with AI.\u003C/i>\u003C/center>\n\n\u003Cp>\u003C/p>\n\n**Automated compliance**\n\nGenerate audit reports, track license usage, and maintain a software bill of materials (SBOM) without manual effort.\n\n![GitLab's automated dependency report provides a comprehensive SBOM, displaying all project dependencies with their vulnerability status, license details, and security findings for complete transparency and compliance.](https://res.cloudinary.com/about-gitlab-com/image/upload/v1756988739/gpakhdvkegloqxhaeje8.png)\n\n\u003Ccenter>\u003Ci>GitLab's automated dependency report provides a comprehensive SBOM, displaying all project dependencies with their vulnerability status, license details, and security findings for complete transparency and compliance.\u003C/i>\u003C/center>\n\u003Cp>\u003C/p>\n\nThis approach transforms security from a gate that slows delivery into a foundation that enables confident, rapid innovation.\n\n## Platform vs. point tools: What retailers need to know\n\n| Capability | Point Tools | GitLab DevSecOps Platform |\n|------------|-------------|---------------------------|\n| SAST/DAST/API/Fuzz | Separate & limited | Fully integrated |\n| License & dependency scanning | Often external tools | Built-in |\n| Compliance & audit reporting | Manual or disconnected | Automated with traceability |\n| Collaboration across teams | Fragmented | Unified environment |\n| End-to-end visibility | Tool-specific | Full lifecycle + value stream view |\n\n## The bottom line: Security excellence drives retail success\n\nIn retail, security isn't just about protecting data, it's about protecting the customer experience that drives revenue. When security slows down releases or creates vulnerabilities, it directly impacts sales. Your customers expect secure, seamless experiences every time.\n\nGitLab's integrated DevSecOps platform helps retailers:\n\n* **Deploy faster without compromising security** with automated scans that catch issues before customers do.  \n* **Meet compliance requirements effortlessly** through built-in reporting for GDPR, PCI-DSS, and industry standards.  \n* **Significantly reduce security tool costs** by replacing multiple point solutions with one platform.  \n* **Turn developers into security advocates** with guidance and automation, not roadblocks.\n\nTake a tour of some of GitLab's security capabilities:\n\n* [Resolving vulnerabilities with GitLab Duo](https://gitlab.navattic.com/ve-vr-short)   \n* [Adding scans to pipeline](https://gitlab.navattic.com/gitlab-scans)  \n* [Compliance frameworks](https://gitlab.navattic.com/compliance-short)  \n* [Advanced SAST](https://gitlab.navattic.com/advanced-sast-short)\n\n> Ready to get started? Discover how GitLab Ultimate with Duo Enterprise can streamline your retail security strategy with [a free trial](https://about.gitlab.com/free-trial/).","security",[17,19,20,21],"product","features","AI/ML","2025-09-04","https://res.cloudinary.com/about-gitlab-com/image/upload/v1756989645/fojzxakmfdea6jfqjkrl.png",{"featured":25,"template":26,"slug":27},true,"BlogPost","a-developers-guide-to-building-secure-retail-apps-with-gitlab","content:en-us:blog:a-developers-guide-to-building-secure-retail-apps-with-gitlab.yml","yaml","A Developers Guide To Building Secure Retail Apps With Gitlab","content","en-us/blog/a-developers-guide-to-building-secure-retail-apps-with-gitlab.yml","en-us/blog/a-developers-guide-to-building-secure-retail-apps-with-gitlab","yml",{"_path":36,"_dir":37,"_draft":6,"_partial":6,"_locale":7,"data":38,"_id":458,"_type":29,"title":459,"_source":31,"_file":460,"_stem":461,"_extension":34},"/shared/en-us/main-navigation","en-us",{"logo":39,"freeTrial":44,"sales":49,"login":54,"items":59,"search":389,"minimal":420,"duo":439,"pricingDeployment":448},{"config":40},{"href":41,"dataGaName":42,"dataGaLocation":43},"/","gitlab logo","header",{"text":45,"config":46},"Get free trial",{"href":47,"dataGaName":48,"dataGaLocation":43},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":50,"config":51},"Talk to sales",{"href":52,"dataGaName":53,"dataGaLocation":43},"/sales/","sales",{"text":55,"config":56},"Sign in",{"href":57,"dataGaName":58,"dataGaLocation":43},"https://gitlab.com/users/sign_in/","sign in",[60,104,200,205,310,370],{"text":61,"config":62,"cards":64,"footer":87},"Platform",{"dataNavLevelOne":63},"platform",[65,71,79],{"title":61,"description":66,"link":67},"The most comprehensive AI-powered DevSecOps Platform",{"text":68,"config":69},"Explore our Platform",{"href":70,"dataGaName":63,"dataGaLocation":43},"/platform/",{"title":72,"description":73,"link":74},"GitLab Duo (AI)","Build software faster with AI at every stage of development",{"text":75,"config":76},"Meet GitLab Duo",{"href":77,"dataGaName":78,"dataGaLocation":43},"/gitlab-duo/","gitlab duo ai",{"title":80,"description":81,"link":82},"Why GitLab","10 reasons why Enterprises choose GitLab",{"text":83,"config":84},"Learn more",{"href":85,"dataGaName":86,"dataGaLocation":43},"/why-gitlab/","why gitlab",{"title":88,"items":89},"Get started with",[90,95,100],{"text":91,"config":92},"Platform Engineering",{"href":93,"dataGaName":94,"dataGaLocation":43},"/solutions/platform-engineering/","platform engineering",{"text":96,"config":97},"Developer Experience",{"href":98,"dataGaName":99,"dataGaLocation":43},"/developer-experience/","Developer experience",{"text":101,"config":102},"MLOps",{"href":103,"dataGaName":101,"dataGaLocation":43},"/topics/devops/the-role-of-ai-in-devops/",{"text":105,"left":25,"config":106,"link":108,"lists":112,"footer":182},"Product",{"dataNavLevelOne":107},"solutions",{"text":109,"config":110},"View all Solutions",{"href":111,"dataGaName":107,"dataGaLocation":43},"/solutions/",[113,138,161],{"title":114,"description":115,"link":116,"items":121},"Automation","CI/CD and automation to accelerate deployment",{"config":117},{"icon":118,"href":119,"dataGaName":120,"dataGaLocation":43},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[122,126,130,134],{"text":123,"config":124},"CI/CD",{"href":125,"dataGaLocation":43,"dataGaName":123},"/solutions/continuous-integration/",{"text":127,"config":128},"AI-Assisted Development",{"href":77,"dataGaLocation":43,"dataGaName":129},"AI assisted development",{"text":131,"config":132},"Source Code Management",{"href":133,"dataGaLocation":43,"dataGaName":131},"/solutions/source-code-management/",{"text":135,"config":136},"Automated Software Delivery",{"href":119,"dataGaLocation":43,"dataGaName":137},"Automated software delivery",{"title":139,"description":140,"link":141,"items":146},"Security","Deliver code faster without compromising security",{"config":142},{"href":143,"dataGaName":144,"dataGaLocation":43,"icon":145},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[147,151,156],{"text":148,"config":149},"Application Security Testing",{"href":143,"dataGaName":150,"dataGaLocation":43},"Application security testing",{"text":152,"config":153},"Software Supply Chain Security",{"href":154,"dataGaLocation":43,"dataGaName":155},"/solutions/supply-chain/","Software supply chain security",{"text":157,"config":158},"Software Compliance",{"href":159,"dataGaName":160,"dataGaLocation":43},"/solutions/software-compliance/","software compliance",{"title":162,"link":163,"items":168},"Measurement",{"config":164},{"icon":165,"href":166,"dataGaName":167,"dataGaLocation":43},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[169,173,177],{"text":170,"config":171},"Visibility & Measurement",{"href":166,"dataGaLocation":43,"dataGaName":172},"Visibility and Measurement",{"text":174,"config":175},"Value Stream Management",{"href":176,"dataGaLocation":43,"dataGaName":174},"/solutions/value-stream-management/",{"text":178,"config":179},"Analytics & Insights",{"href":180,"dataGaLocation":43,"dataGaName":181},"/solutions/analytics-and-insights/","Analytics and insights",{"title":183,"items":184},"GitLab for",[185,190,195],{"text":186,"config":187},"Enterprise",{"href":188,"dataGaLocation":43,"dataGaName":189},"/enterprise/","enterprise",{"text":191,"config":192},"Small Business",{"href":193,"dataGaLocation":43,"dataGaName":194},"/small-business/","small business",{"text":196,"config":197},"Public Sector",{"href":198,"dataGaLocation":43,"dataGaName":199},"/solutions/public-sector/","public sector",{"text":201,"config":202},"Pricing",{"href":203,"dataGaName":204,"dataGaLocation":43,"dataNavLevelOne":204},"/pricing/","pricing",{"text":206,"config":207,"link":209,"lists":213,"feature":297},"Resources",{"dataNavLevelOne":208},"resources",{"text":210,"config":211},"View all resources",{"href":212,"dataGaName":208,"dataGaLocation":43},"/resources/",[214,247,269],{"title":215,"items":216},"Getting started",[217,222,227,232,237,242],{"text":218,"config":219},"Install",{"href":220,"dataGaName":221,"dataGaLocation":43},"/install/","install",{"text":223,"config":224},"Quick start guides",{"href":225,"dataGaName":226,"dataGaLocation":43},"/get-started/","quick setup checklists",{"text":228,"config":229},"Learn",{"href":230,"dataGaLocation":43,"dataGaName":231},"https://university.gitlab.com/","learn",{"text":233,"config":234},"Product documentation",{"href":235,"dataGaName":236,"dataGaLocation":43},"https://docs.gitlab.com/","product documentation",{"text":238,"config":239},"Best practice videos",{"href":240,"dataGaName":241,"dataGaLocation":43},"/getting-started-videos/","best practice videos",{"text":243,"config":244},"Integrations",{"href":245,"dataGaName":246,"dataGaLocation":43},"/integrations/","integrations",{"title":248,"items":249},"Discover",[250,255,259,264],{"text":251,"config":252},"Customer success stories",{"href":253,"dataGaName":254,"dataGaLocation":43},"/customers/","customer success stories",{"text":256,"config":257},"Blog",{"href":258,"dataGaName":5,"dataGaLocation":43},"/blog/",{"text":260,"config":261},"Remote",{"href":262,"dataGaName":263,"dataGaLocation":43},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":265,"config":266},"TeamOps",{"href":267,"dataGaName":268,"dataGaLocation":43},"/teamops/","teamops",{"title":270,"items":271},"Connect",[272,277,282,287,292],{"text":273,"config":274},"GitLab Services",{"href":275,"dataGaName":276,"dataGaLocation":43},"/services/","services",{"text":278,"config":279},"Community",{"href":280,"dataGaName":281,"dataGaLocation":43},"/community/","community",{"text":283,"config":284},"Forum",{"href":285,"dataGaName":286,"dataGaLocation":43},"https://forum.gitlab.com/","forum",{"text":288,"config":289},"Events",{"href":290,"dataGaName":291,"dataGaLocation":43},"/events/","events",{"text":293,"config":294},"Partners",{"href":295,"dataGaName":296,"dataGaLocation":43},"/partners/","partners",{"backgroundColor":298,"textColor":299,"text":300,"image":301,"link":305},"#2f2a6b","#fff","Insights for the future of software development",{"altText":302,"config":303},"the source promo card",{"src":304},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":306,"config":307},"Read the latest",{"href":308,"dataGaName":309,"dataGaLocation":43},"/the-source/","the source",{"text":311,"config":312,"lists":314},"Company",{"dataNavLevelOne":313},"company",[315],{"items":316},[317,322,328,330,335,340,345,350,355,360,365],{"text":318,"config":319},"About",{"href":320,"dataGaName":321,"dataGaLocation":43},"/company/","about",{"text":323,"config":324,"footerGa":327},"Jobs",{"href":325,"dataGaName":326,"dataGaLocation":43},"/jobs/","jobs",{"dataGaName":326},{"text":288,"config":329},{"href":290,"dataGaName":291,"dataGaLocation":43},{"text":331,"config":332},"Leadership",{"href":333,"dataGaName":334,"dataGaLocation":43},"/company/team/e-group/","leadership",{"text":336,"config":337},"Team",{"href":338,"dataGaName":339,"dataGaLocation":43},"/company/team/","team",{"text":341,"config":342},"Handbook",{"href":343,"dataGaName":344,"dataGaLocation":43},"https://handbook.gitlab.com/","handbook",{"text":346,"config":347},"Investor relations",{"href":348,"dataGaName":349,"dataGaLocation":43},"https://ir.gitlab.com/","investor relations",{"text":351,"config":352},"Trust Center",{"href":353,"dataGaName":354,"dataGaLocation":43},"/security/","trust center",{"text":356,"config":357},"AI Transparency Center",{"href":358,"dataGaName":359,"dataGaLocation":43},"/ai-transparency-center/","ai transparency center",{"text":361,"config":362},"Newsletter",{"href":363,"dataGaName":364,"dataGaLocation":43},"/company/contact/","newsletter",{"text":366,"config":367},"Press",{"href":368,"dataGaName":369,"dataGaLocation":43},"/press/","press",{"text":371,"config":372,"lists":373},"Contact us",{"dataNavLevelOne":313},[374],{"items":375},[376,379,384],{"text":50,"config":377},{"href":52,"dataGaName":378,"dataGaLocation":43},"talk to sales",{"text":380,"config":381},"Support portal",{"href":382,"dataGaName":383,"dataGaLocation":43},"https://support.gitlab.com","support portal",{"text":385,"config":386},"Customer portal",{"href":387,"dataGaName":388,"dataGaLocation":43},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":390,"login":391,"suggestions":398},"Close",{"text":392,"link":393},"To search repositories and projects, login to",{"text":394,"config":395},"gitlab.com",{"href":57,"dataGaName":396,"dataGaLocation":397},"search login","search",{"text":399,"default":400},"Suggestions",[401,403,407,409,413,417],{"text":72,"config":402},{"href":77,"dataGaName":72,"dataGaLocation":397},{"text":404,"config":405},"Code Suggestions (AI)",{"href":406,"dataGaName":404,"dataGaLocation":397},"/solutions/code-suggestions/",{"text":123,"config":408},{"href":125,"dataGaName":123,"dataGaLocation":397},{"text":410,"config":411},"GitLab on AWS",{"href":412,"dataGaName":410,"dataGaLocation":397},"/partners/technology-partners/aws/",{"text":414,"config":415},"GitLab on Google Cloud",{"href":416,"dataGaName":414,"dataGaLocation":397},"/partners/technology-partners/google-cloud-platform/",{"text":418,"config":419},"Why GitLab?",{"href":85,"dataGaName":418,"dataGaLocation":397},{"freeTrial":421,"mobileIcon":426,"desktopIcon":431,"secondaryButton":434},{"text":422,"config":423},"Start free trial",{"href":424,"dataGaName":48,"dataGaLocation":425},"https://gitlab.com/-/trials/new/","nav",{"altText":427,"config":428},"Gitlab Icon",{"src":429,"dataGaName":430,"dataGaLocation":425},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":427,"config":432},{"src":433,"dataGaName":430,"dataGaLocation":425},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":435,"config":436},"Get Started",{"href":437,"dataGaName":438,"dataGaLocation":425},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/compare/gitlab-vs-github/","get started",{"freeTrial":440,"mobileIcon":444,"desktopIcon":446},{"text":441,"config":442},"Learn more about GitLab Duo",{"href":77,"dataGaName":443,"dataGaLocation":425},"gitlab duo",{"altText":427,"config":445},{"src":429,"dataGaName":430,"dataGaLocation":425},{"altText":427,"config":447},{"src":433,"dataGaName":430,"dataGaLocation":425},{"freeTrial":449,"mobileIcon":454,"desktopIcon":456},{"text":450,"config":451},"Back to pricing",{"href":203,"dataGaName":452,"dataGaLocation":425,"icon":453},"back to pricing","GoBack",{"altText":427,"config":455},{"src":429,"dataGaName":430,"dataGaLocation":425},{"altText":427,"config":457},{"src":433,"dataGaName":430,"dataGaLocation":425},"content:shared:en-us:main-navigation.yml","Main Navigation","shared/en-us/main-navigation.yml","shared/en-us/main-navigation",{"_path":463,"_dir":37,"_draft":6,"_partial":6,"_locale":7,"title":464,"button":465,"image":470,"config":474,"_id":476,"_type":29,"_source":31,"_file":477,"_stem":478,"_extension":34},"/shared/en-us/banner","is now in public beta!",{"text":466,"config":467},"Try the Beta",{"href":468,"dataGaName":469,"dataGaLocation":43},"/gitlab-duo/agent-platform/","duo banner",{"altText":471,"config":472},"GitLab Duo Agent Platform",{"src":473},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1753720689/somrf9zaunk0xlt7ne4x.svg",{"layout":475},"release","content:shared:en-us:banner.yml","shared/en-us/banner.yml","shared/en-us/banner",{"_path":480,"_dir":37,"_draft":6,"_partial":6,"_locale":7,"data":481,"_id":720,"_type":29,"title":721,"_source":31,"_file":722,"_stem":723,"_extension":34},"/shared/en-us/main-footer",{"text":482,"source":483,"edit":489,"contribute":494,"config":499,"items":504,"minimal":712},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":484,"config":485},"View page source",{"href":486,"dataGaName":487,"dataGaLocation":488},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":490,"config":491},"Edit this page",{"href":492,"dataGaName":493,"dataGaLocation":488},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":495,"config":496},"Please contribute",{"href":497,"dataGaName":498,"dataGaLocation":488},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":500,"facebook":501,"youtube":502,"linkedin":503},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[505,552,605,649,678],{"title":201,"links":506,"subMenu":521},[507,511,516],{"text":508,"config":509},"View plans",{"href":203,"dataGaName":510,"dataGaLocation":488},"view plans",{"text":512,"config":513},"Why Premium?",{"href":514,"dataGaName":515,"dataGaLocation":488},"/pricing/premium/","why premium",{"text":517,"config":518},"Why Ultimate?",{"href":519,"dataGaName":520,"dataGaLocation":488},"/pricing/ultimate/","why ultimate",[522],{"title":523,"links":524},"Contact Us",[525,528,530,532,537,542,547],{"text":526,"config":527},"Contact sales",{"href":52,"dataGaName":53,"dataGaLocation":488},{"text":380,"config":529},{"href":382,"dataGaName":383,"dataGaLocation":488},{"text":385,"config":531},{"href":387,"dataGaName":388,"dataGaLocation":488},{"text":533,"config":534},"Status",{"href":535,"dataGaName":536,"dataGaLocation":488},"https://status.gitlab.com/","status",{"text":538,"config":539},"Terms of use",{"href":540,"dataGaName":541,"dataGaLocation":488},"/terms/","terms of use",{"text":543,"config":544},"Privacy statement",{"href":545,"dataGaName":546,"dataGaLocation":488},"/privacy/","privacy statement",{"text":548,"config":549},"Cookie preferences",{"dataGaName":550,"dataGaLocation":488,"id":551,"isOneTrustButton":25},"cookie preferences","ot-sdk-btn",{"title":105,"links":553,"subMenu":561},[554,558],{"text":555,"config":556},"DevSecOps platform",{"href":70,"dataGaName":557,"dataGaLocation":488},"devsecops platform",{"text":127,"config":559},{"href":77,"dataGaName":560,"dataGaLocation":488},"ai-assisted development",[562],{"title":563,"links":564},"Topics",[565,570,575,580,585,590,595,600],{"text":566,"config":567},"CICD",{"href":568,"dataGaName":569,"dataGaLocation":488},"/topics/ci-cd/","cicd",{"text":571,"config":572},"GitOps",{"href":573,"dataGaName":574,"dataGaLocation":488},"/topics/gitops/","gitops",{"text":576,"config":577},"DevOps",{"href":578,"dataGaName":579,"dataGaLocation":488},"/topics/devops/","devops",{"text":581,"config":582},"Version Control",{"href":583,"dataGaName":584,"dataGaLocation":488},"/topics/version-control/","version control",{"text":586,"config":587},"DevSecOps",{"href":588,"dataGaName":589,"dataGaLocation":488},"/topics/devsecops/","devsecops",{"text":591,"config":592},"Cloud Native",{"href":593,"dataGaName":594,"dataGaLocation":488},"/topics/cloud-native/","cloud native",{"text":596,"config":597},"AI for Coding",{"href":598,"dataGaName":599,"dataGaLocation":488},"/topics/devops/ai-for-coding/","ai for coding",{"text":601,"config":602},"Agentic AI",{"href":603,"dataGaName":604,"dataGaLocation":488},"/topics/agentic-ai/","agentic ai",{"title":606,"links":607},"Solutions",[608,610,612,617,621,624,628,631,633,636,639,644],{"text":148,"config":609},{"href":143,"dataGaName":148,"dataGaLocation":488},{"text":137,"config":611},{"href":119,"dataGaName":120,"dataGaLocation":488},{"text":613,"config":614},"Agile development",{"href":615,"dataGaName":616,"dataGaLocation":488},"/solutions/agile-delivery/","agile delivery",{"text":618,"config":619},"SCM",{"href":133,"dataGaName":620,"dataGaLocation":488},"source code management",{"text":566,"config":622},{"href":125,"dataGaName":623,"dataGaLocation":488},"continuous integration & delivery",{"text":625,"config":626},"Value stream management",{"href":176,"dataGaName":627,"dataGaLocation":488},"value stream management",{"text":571,"config":629},{"href":630,"dataGaName":574,"dataGaLocation":488},"/solutions/gitops/",{"text":186,"config":632},{"href":188,"dataGaName":189,"dataGaLocation":488},{"text":634,"config":635},"Small business",{"href":193,"dataGaName":194,"dataGaLocation":488},{"text":637,"config":638},"Public sector",{"href":198,"dataGaName":199,"dataGaLocation":488},{"text":640,"config":641},"Education",{"href":642,"dataGaName":643,"dataGaLocation":488},"/solutions/education/","education",{"text":645,"config":646},"Financial services",{"href":647,"dataGaName":648,"dataGaLocation":488},"/solutions/finance/","financial services",{"title":206,"links":650},[651,653,655,657,660,662,664,666,668,670,672,674,676],{"text":218,"config":652},{"href":220,"dataGaName":221,"dataGaLocation":488},{"text":223,"config":654},{"href":225,"dataGaName":226,"dataGaLocation":488},{"text":228,"config":656},{"href":230,"dataGaName":231,"dataGaLocation":488},{"text":233,"config":658},{"href":235,"dataGaName":659,"dataGaLocation":488},"docs",{"text":256,"config":661},{"href":258,"dataGaName":5,"dataGaLocation":488},{"text":251,"config":663},{"href":253,"dataGaName":254,"dataGaLocation":488},{"text":260,"config":665},{"href":262,"dataGaName":263,"dataGaLocation":488},{"text":273,"config":667},{"href":275,"dataGaName":276,"dataGaLocation":488},{"text":265,"config":669},{"href":267,"dataGaName":268,"dataGaLocation":488},{"text":278,"config":671},{"href":280,"dataGaName":281,"dataGaLocation":488},{"text":283,"config":673},{"href":285,"dataGaName":286,"dataGaLocation":488},{"text":288,"config":675},{"href":290,"dataGaName":291,"dataGaLocation":488},{"text":293,"config":677},{"href":295,"dataGaName":296,"dataGaLocation":488},{"title":311,"links":679},[680,682,684,686,688,690,692,696,701,703,705,707],{"text":318,"config":681},{"href":320,"dataGaName":313,"dataGaLocation":488},{"text":323,"config":683},{"href":325,"dataGaName":326,"dataGaLocation":488},{"text":331,"config":685},{"href":333,"dataGaName":334,"dataGaLocation":488},{"text":336,"config":687},{"href":338,"dataGaName":339,"dataGaLocation":488},{"text":341,"config":689},{"href":343,"dataGaName":344,"dataGaLocation":488},{"text":346,"config":691},{"href":348,"dataGaName":349,"dataGaLocation":488},{"text":693,"config":694},"Sustainability",{"href":695,"dataGaName":693,"dataGaLocation":488},"/sustainability/",{"text":697,"config":698},"Diversity, inclusion and belonging (DIB)",{"href":699,"dataGaName":700,"dataGaLocation":488},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":351,"config":702},{"href":353,"dataGaName":354,"dataGaLocation":488},{"text":361,"config":704},{"href":363,"dataGaName":364,"dataGaLocation":488},{"text":366,"config":706},{"href":368,"dataGaName":369,"dataGaLocation":488},{"text":708,"config":709},"Modern Slavery Transparency Statement",{"href":710,"dataGaName":711,"dataGaLocation":488},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":713},[714,716,718],{"text":538,"config":715},{"href":540,"dataGaName":541,"dataGaLocation":488},{"text":543,"config":717},{"href":545,"dataGaName":546,"dataGaLocation":488},{"text":548,"config":719},{"dataGaName":550,"dataGaLocation":488,"id":551,"isOneTrustButton":25},"content:shared:en-us:main-footer.yml","Main Footer","shared/en-us/main-footer.yml","shared/en-us/main-footer",[725,737],{"_path":726,"_dir":727,"_draft":6,"_partial":6,"_locale":7,"content":728,"config":732,"_id":734,"_type":29,"title":14,"_source":31,"_file":735,"_stem":736,"_extension":34},"/en-us/blog/authors/itzik-gan-baruch","authors",{"name":14,"config":729},{"headshot":730,"ctfId":731},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749658921/Blog/Author%20Headshots/iganbaruch-headshot.jpg","iganbaruch",{"template":733},"BlogAuthor","content:en-us:blog:authors:itzik-gan-baruch.yml","en-us/blog/authors/itzik-gan-baruch.yml","en-us/blog/authors/itzik-gan-baruch",{"_path":738,"_dir":727,"_draft":6,"_partial":6,"_locale":7,"content":739,"config":742,"_id":744,"_type":29,"title":745,"_source":31,"_file":746,"_stem":747,"_extension":34},"/en-us/blog/authors/rebeca-fenoy-anthony",{"name":15,"config":740},{"headshot":741},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1756988188/r1og9bwc9mxwxqeoehyi.png",{"template":733,"gitlabHandle":743},"rfenoyanthony","content:en-us:blog:authors:rebeca-fenoy-anthony.yml","Rebeca Fenoy Anthony","en-us/blog/authors/rebeca-fenoy-anthony.yml","en-us/blog/authors/rebeca-fenoy-anthony",{"_path":749,"_dir":37,"_draft":6,"_partial":6,"_locale":7,"header":750,"eyebrow":751,"blurb":752,"button":753,"secondaryButton":757,"_id":759,"_type":29,"title":760,"_source":31,"_file":761,"_stem":762,"_extension":34},"/shared/en-us/next-steps","Start shipping better software faster","50%+ of the Fortune 100 trust GitLab","See what your team can do with the intelligent\n\n\nDevSecOps platform.\n",{"text":45,"config":754},{"href":755,"dataGaName":48,"dataGaLocation":756},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":50,"config":758},{"href":52,"dataGaName":53,"dataGaLocation":756},"content:shared:en-us:next-steps.yml","Next Steps","shared/en-us/next-steps.yml","shared/en-us/next-steps",{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"seo":764,"content":766,"config":769,"_id":28,"_type":29,"title":30,"_source":31,"_file":32,"_stem":33,"_extension":34},{"config":765,"title":10,"description":11},{"noIndex":6},{"title":10,"description":11,"authors":767,"body":16,"category":17,"tags":768,"date":22,"heroImage":23},[14,15],[17,19,20,21],{"featured":25,"template":26,"slug":27},1761814409480]