[{"data":1,"prerenderedAt":4670},["ShallowReactive",2],{"/en-us/blog/categories/security":3,"navigation-en-us":21,"banner-en-us":449,"footer-en-us":466,"security-category-en-us":711,"footer-source-/en-us/blog/categories/security/":4666},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"seo":8,"content":11,"config":12,"_id":15,"_type":16,"title":9,"_source":17,"_file":18,"_stem":19,"_extension":20},"/en-us/blog/categories/security","categories",false,"",{"title":9,"description":10},"Security","Browse articles related to Security on the GitLab Blog",{"name":9},{"template":13,"slug":14,"hide":6},"BlogCategory","security","content:en-us:blog:categories:security.yml","yaml","content","en-us/blog/categories/security.yml","en-us/blog/categories/security","yml",{"_path":22,"_dir":23,"_draft":6,"_partial":6,"_locale":7,"data":24,"_id":445,"_type":16,"title":446,"_source":17,"_file":447,"_stem":448,"_extension":20},"/shared/en-us/main-navigation","en-us",{"logo":25,"freeTrial":30,"sales":35,"login":40,"items":45,"search":376,"minimal":407,"duo":426,"pricingDeployment":435},{"config":26},{"href":27,"dataGaName":28,"dataGaLocation":29},"/","gitlab logo","header",{"text":31,"config":32},"Get free trial",{"href":33,"dataGaName":34,"dataGaLocation":29},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":36,"config":37},"Talk to sales",{"href":38,"dataGaName":39,"dataGaLocation":29},"/sales/","sales",{"text":41,"config":42},"Sign in",{"href":43,"dataGaName":44,"dataGaLocation":29},"https://gitlab.com/users/sign_in/","sign in",[46,90,186,191,297,357],{"text":47,"config":48,"cards":50,"footer":73},"Platform",{"dataNavLevelOne":49},"platform",[51,57,65],{"title":47,"description":52,"link":53},"The most comprehensive AI-powered DevSecOps Platform",{"text":54,"config":55},"Explore our Platform",{"href":56,"dataGaName":49,"dataGaLocation":29},"/platform/",{"title":58,"description":59,"link":60},"GitLab Duo (AI)","Build software faster with AI at every stage of development",{"text":61,"config":62},"Meet GitLab Duo",{"href":63,"dataGaName":64,"dataGaLocation":29},"/gitlab-duo/","gitlab duo ai",{"title":66,"description":67,"link":68},"Why GitLab","10 reasons why Enterprises choose GitLab",{"text":69,"config":70},"Learn more",{"href":71,"dataGaName":72,"dataGaLocation":29},"/why-gitlab/","why gitlab",{"title":74,"items":75},"Get started with",[76,81,86],{"text":77,"config":78},"Platform Engineering",{"href":79,"dataGaName":80,"dataGaLocation":29},"/solutions/platform-engineering/","platform engineering",{"text":82,"config":83},"Developer Experience",{"href":84,"dataGaName":85,"dataGaLocation":29},"/developer-experience/","Developer experience",{"text":87,"config":88},"MLOps",{"href":89,"dataGaName":87,"dataGaLocation":29},"/topics/devops/the-role-of-ai-in-devops/",{"text":91,"left":92,"config":93,"link":95,"lists":99,"footer":168},"Product",true,{"dataNavLevelOne":94},"solutions",{"text":96,"config":97},"View all Solutions",{"href":98,"dataGaName":94,"dataGaLocation":29},"/solutions/",[100,125,147],{"title":101,"description":102,"link":103,"items":108},"Automation","CI/CD and automation to accelerate deployment",{"config":104},{"icon":105,"href":106,"dataGaName":107,"dataGaLocation":29},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[109,113,117,121],{"text":110,"config":111},"CI/CD",{"href":112,"dataGaLocation":29,"dataGaName":110},"/solutions/continuous-integration/",{"text":114,"config":115},"AI-Assisted Development",{"href":63,"dataGaLocation":29,"dataGaName":116},"AI assisted development",{"text":118,"config":119},"Source Code Management",{"href":120,"dataGaLocation":29,"dataGaName":118},"/solutions/source-code-management/",{"text":122,"config":123},"Automated Software Delivery",{"href":106,"dataGaLocation":29,"dataGaName":124},"Automated software delivery",{"title":9,"description":126,"link":127,"items":132},"Deliver code faster without compromising security",{"config":128},{"href":129,"dataGaName":130,"dataGaLocation":29,"icon":131},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[133,137,142],{"text":134,"config":135},"Application Security Testing",{"href":129,"dataGaName":136,"dataGaLocation":29},"Application security testing",{"text":138,"config":139},"Software Supply Chain Security",{"href":140,"dataGaLocation":29,"dataGaName":141},"/solutions/supply-chain/","Software supply chain security",{"text":143,"config":144},"Software Compliance",{"href":145,"dataGaName":146,"dataGaLocation":29},"/solutions/software-compliance/","software compliance",{"title":148,"link":149,"items":154},"Measurement",{"config":150},{"icon":151,"href":152,"dataGaName":153,"dataGaLocation":29},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[155,159,163],{"text":156,"config":157},"Visibility & Measurement",{"href":152,"dataGaLocation":29,"dataGaName":158},"Visibility and Measurement",{"text":160,"config":161},"Value Stream Management",{"href":162,"dataGaLocation":29,"dataGaName":160},"/solutions/value-stream-management/",{"text":164,"config":165},"Analytics & Insights",{"href":166,"dataGaLocation":29,"dataGaName":167},"/solutions/analytics-and-insights/","Analytics and insights",{"title":169,"items":170},"GitLab for",[171,176,181],{"text":172,"config":173},"Enterprise",{"href":174,"dataGaLocation":29,"dataGaName":175},"/enterprise/","enterprise",{"text":177,"config":178},"Small Business",{"href":179,"dataGaLocation":29,"dataGaName":180},"/small-business/","small business",{"text":182,"config":183},"Public Sector",{"href":184,"dataGaLocation":29,"dataGaName":185},"/solutions/public-sector/","public sector",{"text":187,"config":188},"Pricing",{"href":189,"dataGaName":190,"dataGaLocation":29,"dataNavLevelOne":190},"/pricing/","pricing",{"text":192,"config":193,"link":195,"lists":199,"feature":284},"Resources",{"dataNavLevelOne":194},"resources",{"text":196,"config":197},"View all resources",{"href":198,"dataGaName":194,"dataGaLocation":29},"/resources/",[200,233,256],{"title":201,"items":202},"Getting started",[203,208,213,218,223,228],{"text":204,"config":205},"Install",{"href":206,"dataGaName":207,"dataGaLocation":29},"/install/","install",{"text":209,"config":210},"Quick start guides",{"href":211,"dataGaName":212,"dataGaLocation":29},"/get-started/","quick setup checklists",{"text":214,"config":215},"Learn",{"href":216,"dataGaLocation":29,"dataGaName":217},"https://university.gitlab.com/","learn",{"text":219,"config":220},"Product documentation",{"href":221,"dataGaName":222,"dataGaLocation":29},"https://docs.gitlab.com/","product documentation",{"text":224,"config":225},"Best practice videos",{"href":226,"dataGaName":227,"dataGaLocation":29},"/getting-started-videos/","best practice videos",{"text":229,"config":230},"Integrations",{"href":231,"dataGaName":232,"dataGaLocation":29},"/integrations/","integrations",{"title":234,"items":235},"Discover",[236,241,246,251],{"text":237,"config":238},"Customer success stories",{"href":239,"dataGaName":240,"dataGaLocation":29},"/customers/","customer success stories",{"text":242,"config":243},"Blog",{"href":244,"dataGaName":245,"dataGaLocation":29},"/blog/","blog",{"text":247,"config":248},"Remote",{"href":249,"dataGaName":250,"dataGaLocation":29},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":252,"config":253},"TeamOps",{"href":254,"dataGaName":255,"dataGaLocation":29},"/teamops/","teamops",{"title":257,"items":258},"Connect",[259,264,269,274,279],{"text":260,"config":261},"GitLab Services",{"href":262,"dataGaName":263,"dataGaLocation":29},"/services/","services",{"text":265,"config":266},"Community",{"href":267,"dataGaName":268,"dataGaLocation":29},"/community/","community",{"text":270,"config":271},"Forum",{"href":272,"dataGaName":273,"dataGaLocation":29},"https://forum.gitlab.com/","forum",{"text":275,"config":276},"Events",{"href":277,"dataGaName":278,"dataGaLocation":29},"/events/","events",{"text":280,"config":281},"Partners",{"href":282,"dataGaName":283,"dataGaLocation":29},"/partners/","partners",{"backgroundColor":285,"textColor":286,"text":287,"image":288,"link":292},"#2f2a6b","#fff","Insights for the future of software development",{"altText":289,"config":290},"the source promo card",{"src":291},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":293,"config":294},"Read the latest",{"href":295,"dataGaName":296,"dataGaLocation":29},"/the-source/","the source",{"text":298,"config":299,"lists":301},"Company",{"dataNavLevelOne":300},"company",[302],{"items":303},[304,309,315,317,322,327,332,337,342,347,352],{"text":305,"config":306},"About",{"href":307,"dataGaName":308,"dataGaLocation":29},"/company/","about",{"text":310,"config":311,"footerGa":314},"Jobs",{"href":312,"dataGaName":313,"dataGaLocation":29},"/jobs/","jobs",{"dataGaName":313},{"text":275,"config":316},{"href":277,"dataGaName":278,"dataGaLocation":29},{"text":318,"config":319},"Leadership",{"href":320,"dataGaName":321,"dataGaLocation":29},"/company/team/e-group/","leadership",{"text":323,"config":324},"Team",{"href":325,"dataGaName":326,"dataGaLocation":29},"/company/team/","team",{"text":328,"config":329},"Handbook",{"href":330,"dataGaName":331,"dataGaLocation":29},"https://handbook.gitlab.com/","handbook",{"text":333,"config":334},"Investor relations",{"href":335,"dataGaName":336,"dataGaLocation":29},"https://ir.gitlab.com/","investor relations",{"text":338,"config":339},"Trust Center",{"href":340,"dataGaName":341,"dataGaLocation":29},"/security/","trust center",{"text":343,"config":344},"AI Transparency Center",{"href":345,"dataGaName":346,"dataGaLocation":29},"/ai-transparency-center/","ai transparency center",{"text":348,"config":349},"Newsletter",{"href":350,"dataGaName":351,"dataGaLocation":29},"/company/contact/","newsletter",{"text":353,"config":354},"Press",{"href":355,"dataGaName":356,"dataGaLocation":29},"/press/","press",{"text":358,"config":359,"lists":360},"Contact us",{"dataNavLevelOne":300},[361],{"items":362},[363,366,371],{"text":36,"config":364},{"href":38,"dataGaName":365,"dataGaLocation":29},"talk to sales",{"text":367,"config":368},"Support portal",{"href":369,"dataGaName":370,"dataGaLocation":29},"https://support.gitlab.com","support portal",{"text":372,"config":373},"Customer portal",{"href":374,"dataGaName":375,"dataGaLocation":29},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":377,"login":378,"suggestions":385},"Close",{"text":379,"link":380},"To search repositories and projects, login to",{"text":381,"config":382},"gitlab.com",{"href":43,"dataGaName":383,"dataGaLocation":384},"search login","search",{"text":386,"default":387},"Suggestions",[388,390,394,396,400,404],{"text":58,"config":389},{"href":63,"dataGaName":58,"dataGaLocation":384},{"text":391,"config":392},"Code Suggestions (AI)",{"href":393,"dataGaName":391,"dataGaLocation":384},"/solutions/code-suggestions/",{"text":110,"config":395},{"href":112,"dataGaName":110,"dataGaLocation":384},{"text":397,"config":398},"GitLab on AWS",{"href":399,"dataGaName":397,"dataGaLocation":384},"/partners/technology-partners/aws/",{"text":401,"config":402},"GitLab on Google Cloud",{"href":403,"dataGaName":401,"dataGaLocation":384},"/partners/technology-partners/google-cloud-platform/",{"text":405,"config":406},"Why GitLab?",{"href":71,"dataGaName":405,"dataGaLocation":384},{"freeTrial":408,"mobileIcon":413,"desktopIcon":418,"secondaryButton":421},{"text":409,"config":410},"Start free trial",{"href":411,"dataGaName":34,"dataGaLocation":412},"https://gitlab.com/-/trials/new/","nav",{"altText":414,"config":415},"Gitlab Icon",{"src":416,"dataGaName":417,"dataGaLocation":412},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":414,"config":419},{"src":420,"dataGaName":417,"dataGaLocation":412},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":422,"config":423},"Get Started",{"href":424,"dataGaName":425,"dataGaLocation":412},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/compare/gitlab-vs-github/","get started",{"freeTrial":427,"mobileIcon":431,"desktopIcon":433},{"text":428,"config":429},"Learn more about GitLab Duo",{"href":63,"dataGaName":430,"dataGaLocation":412},"gitlab duo",{"altText":414,"config":432},{"src":416,"dataGaName":417,"dataGaLocation":412},{"altText":414,"config":434},{"src":420,"dataGaName":417,"dataGaLocation":412},{"freeTrial":436,"mobileIcon":441,"desktopIcon":443},{"text":437,"config":438},"Back to pricing",{"href":189,"dataGaName":439,"dataGaLocation":412,"icon":440},"back to pricing","GoBack",{"altText":414,"config":442},{"src":416,"dataGaName":417,"dataGaLocation":412},{"altText":414,"config":444},{"src":420,"dataGaName":417,"dataGaLocation":412},"content:shared:en-us:main-navigation.yml","Main Navigation","shared/en-us/main-navigation.yml","shared/en-us/main-navigation",{"_path":450,"_dir":23,"_draft":6,"_partial":6,"_locale":7,"title":451,"button":452,"image":457,"config":461,"_id":463,"_type":16,"_source":17,"_file":464,"_stem":465,"_extension":20},"/shared/en-us/banner","is now in public beta!",{"text":453,"config":454},"Try the Beta",{"href":455,"dataGaName":456,"dataGaLocation":29},"/gitlab-duo/agent-platform/","duo banner",{"altText":458,"config":459},"GitLab Duo Agent Platform",{"src":460},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1753720689/somrf9zaunk0xlt7ne4x.svg",{"layout":462},"release","content:shared:en-us:banner.yml","shared/en-us/banner.yml","shared/en-us/banner",{"_path":467,"_dir":23,"_draft":6,"_partial":6,"_locale":7,"data":468,"_id":707,"_type":16,"title":708,"_source":17,"_file":709,"_stem":710,"_extension":20},"/shared/en-us/main-footer",{"text":469,"source":470,"edit":476,"contribute":481,"config":486,"items":491,"minimal":699},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":471,"config":472},"View page source",{"href":473,"dataGaName":474,"dataGaLocation":475},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":477,"config":478},"Edit this page",{"href":479,"dataGaName":480,"dataGaLocation":475},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":482,"config":483},"Please contribute",{"href":484,"dataGaName":485,"dataGaLocation":475},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":487,"facebook":488,"youtube":489,"linkedin":490},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[492,539,592,636,665],{"title":187,"links":493,"subMenu":508},[494,498,503],{"text":495,"config":496},"View plans",{"href":189,"dataGaName":497,"dataGaLocation":475},"view plans",{"text":499,"config":500},"Why Premium?",{"href":501,"dataGaName":502,"dataGaLocation":475},"/pricing/premium/","why premium",{"text":504,"config":505},"Why Ultimate?",{"href":506,"dataGaName":507,"dataGaLocation":475},"/pricing/ultimate/","why ultimate",[509],{"title":510,"links":511},"Contact Us",[512,515,517,519,524,529,534],{"text":513,"config":514},"Contact sales",{"href":38,"dataGaName":39,"dataGaLocation":475},{"text":367,"config":516},{"href":369,"dataGaName":370,"dataGaLocation":475},{"text":372,"config":518},{"href":374,"dataGaName":375,"dataGaLocation":475},{"text":520,"config":521},"Status",{"href":522,"dataGaName":523,"dataGaLocation":475},"https://status.gitlab.com/","status",{"text":525,"config":526},"Terms of use",{"href":527,"dataGaName":528,"dataGaLocation":475},"/terms/","terms of use",{"text":530,"config":531},"Privacy statement",{"href":532,"dataGaName":533,"dataGaLocation":475},"/privacy/","privacy statement",{"text":535,"config":536},"Cookie preferences",{"dataGaName":537,"dataGaLocation":475,"id":538,"isOneTrustButton":92},"cookie preferences","ot-sdk-btn",{"title":91,"links":540,"subMenu":548},[541,545],{"text":542,"config":543},"DevSecOps platform",{"href":56,"dataGaName":544,"dataGaLocation":475},"devsecops platform",{"text":114,"config":546},{"href":63,"dataGaName":547,"dataGaLocation":475},"ai-assisted development",[549],{"title":550,"links":551},"Topics",[552,557,562,567,572,577,582,587],{"text":553,"config":554},"CICD",{"href":555,"dataGaName":556,"dataGaLocation":475},"/topics/ci-cd/","cicd",{"text":558,"config":559},"GitOps",{"href":560,"dataGaName":561,"dataGaLocation":475},"/topics/gitops/","gitops",{"text":563,"config":564},"DevOps",{"href":565,"dataGaName":566,"dataGaLocation":475},"/topics/devops/","devops",{"text":568,"config":569},"Version Control",{"href":570,"dataGaName":571,"dataGaLocation":475},"/topics/version-control/","version control",{"text":573,"config":574},"DevSecOps",{"href":575,"dataGaName":576,"dataGaLocation":475},"/topics/devsecops/","devsecops",{"text":578,"config":579},"Cloud Native",{"href":580,"dataGaName":581,"dataGaLocation":475},"/topics/cloud-native/","cloud native",{"text":583,"config":584},"AI for Coding",{"href":585,"dataGaName":586,"dataGaLocation":475},"/topics/devops/ai-for-coding/","ai for coding",{"text":588,"config":589},"Agentic AI",{"href":590,"dataGaName":591,"dataGaLocation":475},"/topics/agentic-ai/","agentic ai",{"title":593,"links":594},"Solutions",[595,597,599,604,608,611,615,618,620,623,626,631],{"text":134,"config":596},{"href":129,"dataGaName":134,"dataGaLocation":475},{"text":124,"config":598},{"href":106,"dataGaName":107,"dataGaLocation":475},{"text":600,"config":601},"Agile development",{"href":602,"dataGaName":603,"dataGaLocation":475},"/solutions/agile-delivery/","agile delivery",{"text":605,"config":606},"SCM",{"href":120,"dataGaName":607,"dataGaLocation":475},"source code management",{"text":553,"config":609},{"href":112,"dataGaName":610,"dataGaLocation":475},"continuous integration & delivery",{"text":612,"config":613},"Value stream management",{"href":162,"dataGaName":614,"dataGaLocation":475},"value stream management",{"text":558,"config":616},{"href":617,"dataGaName":561,"dataGaLocation":475},"/solutions/gitops/",{"text":172,"config":619},{"href":174,"dataGaName":175,"dataGaLocation":475},{"text":621,"config":622},"Small business",{"href":179,"dataGaName":180,"dataGaLocation":475},{"text":624,"config":625},"Public sector",{"href":184,"dataGaName":185,"dataGaLocation":475},{"text":627,"config":628},"Education",{"href":629,"dataGaName":630,"dataGaLocation":475},"/solutions/education/","education",{"text":632,"config":633},"Financial services",{"href":634,"dataGaName":635,"dataGaLocation":475},"/solutions/finance/","financial services",{"title":192,"links":637},[638,640,642,644,647,649,651,653,655,657,659,661,663],{"text":204,"config":639},{"href":206,"dataGaName":207,"dataGaLocation":475},{"text":209,"config":641},{"href":211,"dataGaName":212,"dataGaLocation":475},{"text":214,"config":643},{"href":216,"dataGaName":217,"dataGaLocation":475},{"text":219,"config":645},{"href":221,"dataGaName":646,"dataGaLocation":475},"docs",{"text":242,"config":648},{"href":244,"dataGaName":245,"dataGaLocation":475},{"text":237,"config":650},{"href":239,"dataGaName":240,"dataGaLocation":475},{"text":247,"config":652},{"href":249,"dataGaName":250,"dataGaLocation":475},{"text":260,"config":654},{"href":262,"dataGaName":263,"dataGaLocation":475},{"text":252,"config":656},{"href":254,"dataGaName":255,"dataGaLocation":475},{"text":265,"config":658},{"href":267,"dataGaName":268,"dataGaLocation":475},{"text":270,"config":660},{"href":272,"dataGaName":273,"dataGaLocation":475},{"text":275,"config":662},{"href":277,"dataGaName":278,"dataGaLocation":475},{"text":280,"config":664},{"href":282,"dataGaName":283,"dataGaLocation":475},{"title":298,"links":666},[667,669,671,673,675,677,679,683,688,690,692,694],{"text":305,"config":668},{"href":307,"dataGaName":300,"dataGaLocation":475},{"text":310,"config":670},{"href":312,"dataGaName":313,"dataGaLocation":475},{"text":318,"config":672},{"href":320,"dataGaName":321,"dataGaLocation":475},{"text":323,"config":674},{"href":325,"dataGaName":326,"dataGaLocation":475},{"text":328,"config":676},{"href":330,"dataGaName":331,"dataGaLocation":475},{"text":333,"config":678},{"href":335,"dataGaName":336,"dataGaLocation":475},{"text":680,"config":681},"Sustainability",{"href":682,"dataGaName":680,"dataGaLocation":475},"/sustainability/",{"text":684,"config":685},"Diversity, inclusion and belonging (DIB)",{"href":686,"dataGaName":687,"dataGaLocation":475},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":338,"config":689},{"href":340,"dataGaName":341,"dataGaLocation":475},{"text":348,"config":691},{"href":350,"dataGaName":351,"dataGaLocation":475},{"text":353,"config":693},{"href":355,"dataGaName":356,"dataGaLocation":475},{"text":695,"config":696},"Modern Slavery Transparency Statement",{"href":697,"dataGaName":698,"dataGaLocation":475},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":700},[701,703,705],{"text":525,"config":702},{"href":527,"dataGaName":528,"dataGaLocation":475},{"text":530,"config":704},{"href":532,"dataGaName":533,"dataGaLocation":475},{"text":535,"config":706},{"dataGaName":537,"dataGaLocation":475,"id":538,"isOneTrustButton":92},"content:shared:en-us:main-footer.yml","Main Footer","shared/en-us/main-footer.yml","shared/en-us/main-footer",{"post":712,"posts":713},null,[714,734,750,769,790,809,827,846,861,876,892,911,932,953,972,992,1010,1029,1048,1066,1083,1103,1121,1140,1158,1177,1198,1216,1233,1251,1269,1288,1306,1324,1344,1361,1381,1400,1417,1434,1452,1471,1490,1511,1529,1549,1569,1588,1607,1624,1644,1664,1682,1702,1720,1738,1756,1777,1796,1814,1833,1852,1870,1888,1906,1924,1943,1961,1978,1997,2017,2035,2054,2072,2094,2112,2129,2147,2164,2181,2200,2218,2236,2254,2272,2291,2309,2327,2346,2363,2380,2399,2419,2438,2455,2473,2490,2509,2527,2546,2564,2583,2602,2622,2641,2659,2678,2697,2715,2734,2753,2773,2791,2810,2828,2846,2864,2884,2904,2922,2941,2959,2977,2996,3014,3034,3051,3070,3087,3105,3122,3144,3163,3181,3200,3217,3235,3253,3274,3291,3310,3329,3352,3371,3388,3406,3425,3441,3459,3476,3498,3516,3535,3553,3572,3591,3609,3626,3644,3662,3681,3699,3718,3736,3754,3771,3789,3806,3826,3846,3864,3882,3900,3919,3937,3955,3973,3991,4011,4031,4049,4068,4086,4104,4121,4139,4158,4176,4194,4213,4231,4248,4267,4285,4303,4321,4340,4359,4377,4397,4415,4433,4453,4471,4488,4506,4523,4541,4559,4577,4595,4610,4628,4646],{"_path":715,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":716,"content":720,"config":727,"_id":730,"_type":16,"title":731,"_source":17,"_file":732,"_stem":733,"_extension":20},"/en-us/blog/delivering-faster-and-smarter-scans-with-advanced-sast",{"config":717,"title":718,"description":719},{"noIndex":6},"Delivering faster and smarter scans with Advanced SAST","New accuracy and speed enhancements improve the developer experience and drive adoption. ",{"title":718,"description":719,"authors":721,"heroImage":723,"date":724,"category":14,"tags":725},[722],"Salman Ladha","https://res.cloudinary.com/about-gitlab-com/image/upload/v1759320418/xjmqcozxzt4frx0hori3.png","2025-10-21",[14,726],"product",{"featured":6,"template":728,"slug":729},"BlogPost","delivering-faster-and-smarter-scans-with-advanced-sast","content:en-us:blog:delivering-faster-and-smarter-scans-with-advanced-sast.yml","Delivering Faster And Smarter Scans With Advanced Sast","en-us/blog/delivering-faster-and-smarter-scans-with-advanced-sast.yml","en-us/blog/delivering-faster-and-smarter-scans-with-advanced-sast",{"_path":735,"_dir":736,"_draft":6,"_partial":6,"_locale":7,"content":737,"config":744,"_id":746,"_type":16,"title":747,"_source":17,"_file":748,"_stem":749,"_extension":20},"/en-us/blog/external-url/gitlab-patch-release-18-4-2-18-3-4-18-2-8","external-url",{"title":738,"description":739,"heroImage":740,"date":741,"category":14,"tags":742},"GitLab Patch Release: 18.4.2, 18.3.4, 18.2.8","Learn more about GitLab Patch Release: 18.4.2, 18.3.4, 18.2.8 for GitLab Community Edition (CE) and Enterprise Edition (EE).","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749661926/Blog/Hero%20Images/security-patch-blog-image-r2-0506-700x400-fy25_2x.jpg","2025-10-08",[743],"releases",{"featured":6,"template":728,"externalUrl":745},"https://about.gitlab.com/releases/2025/10/08/patch-release-gitlab-18-4-2-released/","content:en-us:blog:external-url:gitlab-patch-release-18-4-2-18-3-4-18-2-8.yml","Gitlab Patch Release 18 4 2 18 3 4 18 2 8","en-us/blog/external-url/gitlab-patch-release-18-4-2-18-3-4-18-2-8.yml","en-us/blog/external-url/gitlab-patch-release-18-4-2-18-3-4-18-2-8",{"_path":751,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":752,"config":755,"content":757,"_id":765,"_type":16,"title":766,"_source":17,"_file":767,"_stem":768,"_extension":20},"/en-us/blog/comprehensive-guide-to-gitlab-dast",{"title":753,"description":754},"A comprehensive guide to GitLab DAST","DevSecOps teams can learn how to implement and configure dynamic application security testing, perform passive/active scans, and set security policies.",{"slug":756,"featured":92,"template":728},"comprehensive-guide-to-gitlab-dast",{"title":753,"description":754,"authors":758,"heroImage":723,"date":760,"updatedDate":761,"category":14,"tags":762},[759],"Fernando Diaz","2025-09-17","2025-10-01",[14,763,764],"tutorial","testing","content:en-us:blog:comprehensive-guide-to-gitlab-dast.yml","Comprehensive Guide To Gitlab Dast","en-us/blog/comprehensive-guide-to-gitlab-dast.yml","en-us/blog/comprehensive-guide-to-gitlab-dast",{"_path":770,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":771,"content":775,"config":784,"_id":786,"_type":16,"title":787,"_source":17,"_file":788,"_stem":789,"_extension":20},"/en-us/blog/a-developers-guide-to-building-secure-retail-apps-with-gitlab",{"config":772,"title":773,"description":774},{"noIndex":6},"A developer's guide to building secure retail apps with GitLab","Learn how a DevSecOps platform helps retailers develop secure, compliant software for complex, high-traffic retail environments.",{"title":773,"description":774,"authors":776,"category":14,"tags":779,"date":782,"heroImage":783},[777,778],"Itzik Gan Baruch","Rebeca Fenoy-Anthony",[14,726,780,781],"features","AI/ML","2025-09-04","https://res.cloudinary.com/about-gitlab-com/image/upload/v1756989645/fojzxakmfdea6jfqjkrl.png",{"featured":92,"template":728,"slug":785},"a-developers-guide-to-building-secure-retail-apps-with-gitlab","content:en-us:blog:a-developers-guide-to-building-secure-retail-apps-with-gitlab.yml","A Developers Guide To Building Secure Retail Apps With Gitlab","en-us/blog/a-developers-guide-to-building-secure-retail-apps-with-gitlab.yml","en-us/blog/a-developers-guide-to-building-secure-retail-apps-with-gitlab",{"_path":791,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":792,"content":796,"config":803,"_id":805,"_type":16,"title":806,"_source":17,"_file":807,"_stem":808,"_extension":20},"/en-us/blog/gitlab-uncovers-bittensor-theft-campaign-via-pypi",{"config":793,"title":794,"description":795},{"noIndex":6},"GitLab uncovers Bittensor theft campaign via PyPI","Learn how we identified a supply chain attack campaign using typosquatted PyPI packages to steal cryptocurrency from Bittensor wallets by hijacking staking operations.",{"title":794,"authors":797,"description":799,"date":800,"category":14,"tags":801,"heroImage":802},[798],"Michael Henriksen","GitLab's Vulnerability Research team identified a supply chain attack campaign using typosquatted PyPI packages to steal cryptocurrency from Bittensor wallets by hijacking staking operations.","2025-08-06",[14],"https://res.cloudinary.com/about-gitlab-com/image/upload/f_auto,q_auto,c_lfill/v1750098739/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_282096522_securitycompliance.jpeg_1750098739024.jpg",{"featured":6,"template":728,"slug":804},"gitlab-uncovers-bittensor-theft-campaign-via-pypi","content:en-us:blog:gitlab-uncovers-bittensor-theft-campaign-via-pypi.yml","Gitlab Uncovers Bittensor Theft Campaign Via Pypi","en-us/blog/gitlab-uncovers-bittensor-theft-campaign-via-pypi.yml","en-us/blog/gitlab-uncovers-bittensor-theft-campaign-via-pypi",{"_path":810,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":811,"content":815,"config":821,"_id":823,"_type":16,"title":824,"_source":17,"_file":825,"_stem":826,"_extension":20},"/en-us/blog/securing-ai-together-gitlabs-partnership-with-security-researchers",{"config":812,"title":813,"description":814},{"noIndex":6},"Securing AI together: GitLab’s partnership with security researchers","Learn how GitLab collaborates with security researchers to identify and defend against emerging threats.",{"title":813,"description":814,"authors":816,"heroImage":818,"date":819,"category":14,"tags":820},[817],"Kymberlee Price","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667636/Blog/Hero%20Images/Dedicated_Screengrab_1800x945.png","2025-07-31",[14],{"featured":6,"template":728,"slug":822},"securing-ai-together-gitlabs-partnership-with-security-researchers","content:en-us:blog:securing-ai-together-gitlabs-partnership-with-security-researchers.yml","Securing Ai Together Gitlabs Partnership With Security Researchers","en-us/blog/securing-ai-together-gitlabs-partnership-with-security-researchers.yml","en-us/blog/securing-ai-together-gitlabs-partnership-with-security-researchers",{"_path":828,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":829,"content":833,"config":840,"_id":842,"_type":16,"title":843,"_source":17,"_file":844,"_stem":845,"_extension":20},"/en-us/blog/how-to-transform-compliance-observation-management-with-gitlab",{"config":830,"title":831,"description":832},{"noIndex":6},"How to transform compliance observation management with GitLab","Learn how GitLab's Security Compliance team improved observation management using the DevSecOps platform, enhancing visibility, collaboration, and accountability.",{"title":831,"description":832,"authors":834,"heroImage":836,"date":837,"category":14,"tags":838},[835],"Madeline Lake","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749675154/Blog/Hero%20Images/blog-image-template-1800x945__8_.png","2025-07-24",[14,839],"inside GitLab",{"featured":6,"template":728,"slug":841},"how-to-transform-compliance-observation-management-with-gitlab","content:en-us:blog:how-to-transform-compliance-observation-management-with-gitlab.yml","How To Transform Compliance Observation Management With Gitlab","en-us/blog/how-to-transform-compliance-observation-management-with-gitlab.yml","en-us/blog/how-to-transform-compliance-observation-management-with-gitlab",{"_path":847,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":848,"content":851,"config":855,"_id":857,"_type":16,"title":858,"_source":17,"_file":859,"_stem":860,"_extension":20},"/en-us/blog/software-supply-chain-security-guide-why-organizations-struggle",{"noIndex":6,"title":849,"description":850},"Software supply chain security guide: Why organizations struggle","Part 1 of this new series explores fundamental challenges, practical solutions, and emerging trends, including AI, that every development team needs to understand.",{"title":849,"description":850,"authors":852,"heroImage":853,"date":837,"category":14,"tags":854},[777],"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097701/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%285%29_1iy516k40hwBDChKcUJ2zb_1750097700983.png",[14,726,763],{"featured":92,"template":728,"slug":856},"software-supply-chain-security-guide-why-organizations-struggle","content:en-us:blog:software-supply-chain-security-guide-why-organizations-struggle.yml","Software Supply Chain Security Guide Why Organizations Struggle","en-us/blog/software-supply-chain-security-guide-why-organizations-struggle.yml","en-us/blog/software-supply-chain-security-guide-why-organizations-struggle",{"_path":862,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":863,"content":866,"config":870,"_id":872,"_type":16,"title":873,"_source":17,"_file":874,"_stem":875,"_extension":20},"/en-us/blog/bridging-the-visibility-gap-in-software-supply-chain-security",{"noIndex":6,"title":864,"description":865},"Bridging the visibility gap in software supply chain security","GitLab 18.2 includes support for comprehensive scanner coverage and transitive dependency visualization.",{"title":864,"description":865,"authors":867,"heroImage":740,"date":868,"category":14,"tags":869},[722],"2025-07-21",[14,780,726],{"featured":92,"template":728,"slug":871},"bridging-the-visibility-gap-in-software-supply-chain-security","content:en-us:blog:bridging-the-visibility-gap-in-software-supply-chain-security.yml","Bridging The Visibility Gap In Software Supply Chain Security","en-us/blog/bridging-the-visibility-gap-in-software-supply-chain-security.yml","en-us/blog/bridging-the-visibility-gap-in-software-supply-chain-security",{"_path":877,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":878,"content":881,"config":886,"_id":888,"_type":16,"title":889,"_source":17,"_file":890,"_stem":891,"_extension":20},"/en-us/blog/gitlab-catches-mongodb-go-module-supply-chain-attack",{"noIndex":6,"title":879,"description":880},"GitLab catches MongoDB Go module supply chain attack","Learn how GitLab detected a supply chain attack targeting Go developers through fake MongoDB drivers that deploy persistent backdoor malware.",{"title":879,"description":880,"authors":882,"heroImage":883,"category":14,"tags":884,"date":885},[798],"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098739/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_282096522_securitycompliance.jpeg_1750098739024.jpg",[14,726],"2025-06-30",{"featured":92,"template":728,"slug":887},"gitlab-catches-mongodb-go-module-supply-chain-attack","content:en-us:blog:gitlab-catches-mongodb-go-module-supply-chain-attack.yml","Gitlab Catches Mongodb Go Module Supply Chain Attack","en-us/blog/gitlab-catches-mongodb-go-module-supply-chain-attack.yml","en-us/blog/gitlab-catches-mongodb-go-module-supply-chain-attack",{"_path":893,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":894,"content":897,"config":905,"_id":907,"_type":16,"title":908,"_source":17,"_file":909,"_stem":910,"_extension":20},"/en-us/blog/automating-role-based-access-control-rbac-at-scale",{"noIndex":6,"title":895,"description":896},"Automating role-based access control (RBAC) at scale","This guide details setting up GitLab + Keycloak + OIDC for RBAC, covering planning, Docker configuration, and automated access governance for DevSecOps.",{"title":895,"description":896,"heroImage":898,"date":899,"category":14,"tags":900,"authors":901},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659561/Blog/Hero%20Images/securitycheck.png","2025-06-20",[14],[902,903,904],"James Wormwell","Paul Meresanu","Kees Valkhof",{"featured":92,"template":728,"slug":906},"automating-role-based-access-control-rbac-at-scale","content:en-us:blog:automating-role-based-access-control-rbac-at-scale.yml","Automating Role Based Access Control Rbac At Scale","en-us/blog/automating-role-based-access-control-rbac-at-scale.yml","en-us/blog/automating-role-based-access-control-rbac-at-scale",{"_path":912,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":913,"content":921,"config":926,"_id":928,"_type":16,"title":929,"_source":17,"_file":930,"_stem":931,"_extension":20},"/en-us/blog/last-year-we-signed-the-secure-by-design-pledge-heres-our-progress",{"title":914,"description":915,"ogTitle":914,"ogDescription":915,"noIndex":6,"ogImage":916,"ogUrl":917,"ogSiteName":918,"ogType":919,"canonicalUrls":917,"schema":920},"Last year we signed the Secure by Design pledge - here's our progress","Learn about GitLab's CISA-aligned additions and improvements around MFA, default password reduction, patching, and vulnerability disclosure.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659684/Blog/Hero%20Images/AdobeStock_479904468__1_.jpg","https://about.gitlab.com/blog/last-year-we-signed-the-secure-by-design-pledge-heres-our-progress","https://about.gitlab.com","article","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Last year we signed the Secure by Design pledge - here's our progress\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joseph Longo\"}],\n \"datePublished\": \"2025-06-09\",\n }",{"title":914,"description":915,"authors":922,"heroImage":916,"date":924,"category":14,"tags":925},[923],"Joseph Longo","2025-06-09",[573,542,14,185],{"slug":927,"featured":92,"template":728},"last-year-we-signed-the-secure-by-design-pledge-heres-our-progress","content:en-us:blog:last-year-we-signed-the-secure-by-design-pledge-heres-our-progress.yml","Last Year We Signed The Secure By Design Pledge Heres Our Progress","en-us/blog/last-year-we-signed-the-secure-by-design-pledge-heres-our-progress.yml","en-us/blog/last-year-we-signed-the-secure-by-design-pledge-heres-our-progress",{"_path":933,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":934,"content":940,"config":947,"_id":949,"_type":16,"title":950,"_source":17,"_file":951,"_stem":952,"_extension":20},"/en-us/blog/introducing-compromised-password-detection-for-gitlab-com",{"title":935,"description":936,"ogTitle":935,"ogDescription":936,"noIndex":6,"ogImage":937,"ogUrl":938,"ogSiteName":918,"ogType":919,"canonicalUrls":938,"schema":939},"Introducing compromised password detection for GitLab.com","GitLab is adding compromised password detection on June 19, 2025. After that date, users logging in with known compromised passwords will be warned. Here is what you need to know.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097341/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%287%29_6QBUJnfaq500YYVKVDlxK7_1750097340425.png","https://about.gitlab.com/blog/introducing-compromised-password-detection-for-gitlab-com","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing compromised password detection for GitLab.com\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Ruby Nealon\"},{\"@type\":\"Person\",\"name\":\"Matt Coons\"}],\n \"datePublished\": \"2025-05-22\",\n }",{"title":935,"description":936,"authors":941,"heroImage":937,"date":944,"category":14,"tags":945},[942,943],"Ruby Nealon","Matt Coons","2025-05-22",[14,726,780,946,542],"news",{"slug":948,"featured":92,"template":728},"introducing-compromised-password-detection-for-gitlab-com","content:en-us:blog:introducing-compromised-password-detection-for-gitlab-com.yml","Introducing Compromised Password Detection For Gitlab Com","en-us/blog/introducing-compromised-password-detection-for-gitlab-com.yml","en-us/blog/introducing-compromised-password-detection-for-gitlab-com",{"_path":954,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":955,"content":961,"config":966,"_id":968,"_type":16,"title":969,"_source":17,"_file":970,"_stem":971,"_extension":20},"/en-us/blog/tutorial-secure-and-optimize-your-maven-repository-in-gitlab",{"title":956,"description":957,"ogTitle":956,"ogDescription":957,"noIndex":6,"ogImage":958,"ogUrl":959,"ogSiteName":918,"ogType":919,"canonicalUrls":959,"schema":960},"Tutorial: Secure and optimize your Maven Repository in GitLab","Learn the best practices, advanced techniques, and upcoming features that improve the efficiency of your DevSecOps workflow.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749666187/Blog/Hero%20Images/blog-image-template-1800x945__6_.png","https://about.gitlab.com/blog/tutorial-secure-and-optimize-your-maven-repository-in-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Tutorial: Secure and optimize your Maven Repository in GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Tim Rizzi\"}],\n \"datePublished\": \"2025-05-22\",\n }",{"title":956,"description":957,"authors":962,"heroImage":958,"date":944,"category":14,"tags":964},[963],"Tim Rizzi",[14,542,780,726,965],"workflow",{"slug":967,"featured":92,"template":728},"tutorial-secure-and-optimize-your-maven-repository-in-gitlab","content:en-us:blog:tutorial-secure-and-optimize-your-maven-repository-in-gitlab.yml","Tutorial Secure And Optimize Your Maven Repository In Gitlab","en-us/blog/tutorial-secure-and-optimize-your-maven-repository-in-gitlab.yml","en-us/blog/tutorial-secure-and-optimize-your-maven-repository-in-gitlab",{"_path":973,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":974,"content":980,"config":986,"_id":988,"_type":16,"title":989,"_source":17,"_file":990,"_stem":991,"_extension":20},"/en-us/blog/our-step-by-step-guide-to-evaluating-runtime-security-tools",{"title":975,"description":976,"ogTitle":975,"ogDescription":976,"noIndex":6,"ogImage":977,"ogUrl":978,"ogSiteName":918,"ogType":919,"canonicalUrls":978,"schema":979},"Our step-by-step guide to evaluating runtime security tools","Key learnings from the GitLab Security team’s runtime security tool evaluation on Kubernetes clusters and Linux servers using real-world attack simulations.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097534/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_1097303277_6gTk7M1DNx0tFuovupVFB1_1750097534344.jpg","https://about.gitlab.com/blog/our-step-by-step-guide-to-evaluating-runtime-security-tools","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Our step-by-step guide to evaluating runtime security tools\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Hiroki Suezawa\"},{\"@type\":\"Person\",\"name\":\"Mitra Jozenazemian\"}],\n \"datePublished\": \"2025-05-13\",\n }",{"title":975,"description":976,"authors":981,"heroImage":977,"date":984,"category":14,"tags":985},[982,983],"Hiroki Suezawa","Mitra Jozenazemian","2025-05-13",[14,573,839],{"slug":987,"featured":6,"template":728},"our-step-by-step-guide-to-evaluating-runtime-security-tools","content:en-us:blog:our-step-by-step-guide-to-evaluating-runtime-security-tools.yml","Our Step By Step Guide To Evaluating Runtime Security Tools","en-us/blog/our-step-by-step-guide-to-evaluating-runtime-security-tools.yml","en-us/blog/our-step-by-step-guide-to-evaluating-runtime-security-tools",{"_path":993,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":994,"content":1000,"config":1004,"_id":1006,"_type":16,"title":1007,"_source":17,"_file":1008,"_stem":1009,"_extension":20},"/en-us/blog/how-to-use-gitlabs-custom-compliance-frameworks-in-your-devsecops",{"title":995,"description":996,"ogTitle":995,"ogDescription":996,"noIndex":6,"ogImage":997,"ogUrl":998,"ogSiteName":918,"ogType":919,"canonicalUrls":998,"schema":999},"How to use GitLab's Custom Compliance Frameworks in your DevSecOps environment","Explore how new frameworks, along with more than 50 out-of-the-box controls, transform regulatory requirements from burdensome checkboxes to integrated, automated workflow components.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097104/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%284%29_3LZkiDjHLjhqEkvOvBsVKp_1750097104092.png","https://about.gitlab.com/blog/how-to-use-gitlabs-custom-compliance-frameworks-in-your-devsecops","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to use GitLab's Custom Compliance Frameworks in your DevSecOps environment\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2025-04-30\",\n }",{"title":995,"description":996,"authors":1001,"heroImage":997,"date":1002,"category":14,"tags":1003},[759],"2025-04-30",[14,763,542,780,726],{"slug":1005,"featured":92,"template":728},"how-to-use-gitlabs-custom-compliance-frameworks-in-your-devsecops","content:en-us:blog:how-to-use-gitlabs-custom-compliance-frameworks-in-your-devsecops.yml","How To Use Gitlabs Custom Compliance Frameworks In Your Devsecops","en-us/blog/how-to-use-gitlabs-custom-compliance-frameworks-in-your-devsecops.yml","en-us/blog/how-to-use-gitlabs-custom-compliance-frameworks-in-your-devsecops",{"_path":1011,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1012,"content":1018,"config":1023,"_id":1025,"_type":16,"title":1026,"_source":17,"_file":1027,"_stem":1028,"_extension":20},"/en-us/blog/introducing-custom-compliance-frameworks-in-gitlab",{"title":1013,"description":1014,"ogTitle":1013,"ogDescription":1014,"noIndex":6,"ogImage":1015,"ogUrl":1016,"ogSiteName":918,"ogType":919,"canonicalUrls":1016,"schema":1017},"Introducing Custom Compliance Frameworks in GitLab","Reduce manual tracking, accelerate audit readiness, and enforce controls faster natively within GitLab DevSecOps workflows.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750099268/Blog/Hero%20Images/Blog/Hero%20Images/GitLab_Blog_Header_v4_YBzFAgt2EAkqQfqxNFEgj_1750099267940.svg","https://about.gitlab.com/blog/introducing-custom-compliance-frameworks-in-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing Custom Compliance Frameworks in GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Ian Khor\"},{\"@type\":\"Person\",\"name\":\"Salman Ladha\"}],\n \"datePublished\": \"2025-04-17\",\n }",{"title":1013,"description":1014,"authors":1019,"heroImage":1015,"date":1021,"category":14,"tags":1022},[1020,722],"Ian Khor","2025-04-17",[14,726,780,542],{"slug":1024,"featured":6,"template":728},"introducing-custom-compliance-frameworks-in-gitlab","content:en-us:blog:introducing-custom-compliance-frameworks-in-gitlab.yml","Introducing Custom Compliance Frameworks In Gitlab","en-us/blog/introducing-custom-compliance-frameworks-in-gitlab.yml","en-us/blog/introducing-custom-compliance-frameworks-in-gitlab",{"_path":1030,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1031,"content":1037,"config":1042,"_id":1044,"_type":16,"title":1045,"_source":17,"_file":1046,"_stem":1047,"_extension":20},"/en-us/blog/enhance-application-security-with-gitlab-hackerone",{"title":1032,"description":1033,"ogTitle":1032,"ogDescription":1033,"noIndex":6,"ogImage":1034,"ogUrl":1035,"ogSiteName":918,"ogType":919,"canonicalUrls":1035,"schema":1036},"Enhance application security with GitLab + HackerOne","Learn about the GitLab + HackerOne partnership and how to easily implement an integration that improves your organization’s application security posture.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097503/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%2810%29_5ET24Q6i8ihqrAOkge7a1R_1750097503214.png","https://about.gitlab.com/blog/enhance-application-security-with-gitlab-hackerone","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Enhance application security with GitLab + HackerOne\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2025-04-03\",\n }",{"title":1032,"description":1033,"authors":1038,"heroImage":1034,"date":1039,"category":14,"tags":1040},[759],"2025-04-03",[14,763,232,283,542,573,1041],"bug bounty",{"slug":1043,"featured":6,"template":728},"enhance-application-security-with-gitlab-hackerone","content:en-us:blog:enhance-application-security-with-gitlab-hackerone.yml","Enhance Application Security With Gitlab Hackerone","en-us/blog/enhance-application-security-with-gitlab-hackerone.yml","en-us/blog/enhance-application-security-with-gitlab-hackerone",{"_path":1049,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1050,"content":1056,"config":1060,"_id":1062,"_type":16,"title":1063,"_source":17,"_file":1064,"_stem":1065,"_extension":20},"/en-us/blog/secure-and-safe-login-and-commits-with-gitlab-yubico",{"title":1051,"description":1052,"ogTitle":1051,"ogDescription":1052,"noIndex":6,"ogImage":1053,"ogUrl":1054,"ogSiteName":918,"ogType":919,"canonicalUrls":1054,"schema":1055},"Secure and safe login and commits with GitLab + Yubico","Learn how GitLab and Yubico have partnered to strengthen software development security through robust authentication measures.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663259/Blog/Hero%20Images/REFERENCE_-_display_preview_for_blog_images__3_.png","https://about.gitlab.com/blog/secure-and-safe-login-and-commits-with-gitlab-yubico","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Secure and safe login and commits with GitLab + Yubico\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2025-04-02\",\n }",{"title":1051,"description":1052,"authors":1057,"heroImage":1053,"date":1058,"category":14,"tags":1059},[759],"2025-04-02",[232,14,763,542,726,780],{"slug":1061,"featured":92,"template":728},"secure-and-safe-login-and-commits-with-gitlab-yubico","content:en-us:blog:secure-and-safe-login-and-commits-with-gitlab-yubico.yml","Secure And Safe Login And Commits With Gitlab Yubico","en-us/blog/secure-and-safe-login-and-commits-with-gitlab-yubico.yml","en-us/blog/secure-and-safe-login-and-commits-with-gitlab-yubico",{"_path":1067,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1068,"content":1073,"config":1077,"_id":1079,"_type":16,"title":1080,"_source":17,"_file":1081,"_stem":1082,"_extension":20},"/en-us/blog/enhance-data-security-with-custom-pii-detection-rulesets",{"title":1069,"description":1070,"ogTitle":1069,"ogDescription":1070,"noIndex":6,"ogImage":853,"ogUrl":1071,"ogSiteName":918,"ogType":919,"canonicalUrls":1071,"schema":1072},"Strengthen data security with custom PII detection rulesets","This tutorial explains how GitLab's customizable Secret Detection rulesets enhance data security by identifying PII patterns in code repositories. Learn how AI can help.","https://about.gitlab.com/blog/enhance-data-security-with-custom-pii-detection-rulesets","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Strengthen data security with custom PII detection rulesets\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2025-04-01\",\n }",{"title":1069,"description":1070,"authors":1074,"heroImage":853,"date":1075,"category":14,"tags":1076},[759],"2025-04-01",[14,726,763,542,781],{"slug":1078,"featured":92,"template":728},"enhance-data-security-with-custom-pii-detection-rulesets","content:en-us:blog:enhance-data-security-with-custom-pii-detection-rulesets.yml","Enhance Data Security With Custom Pii Detection Rulesets","en-us/blog/enhance-data-security-with-custom-pii-detection-rulesets.yml","en-us/blog/enhance-data-security-with-custom-pii-detection-rulesets",{"_path":1084,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1085,"content":1091,"config":1097,"_id":1099,"_type":16,"title":1100,"_source":17,"_file":1101,"_stem":1102,"_extension":20},"/en-us/blog/self-service-security-alert-handling-with-gitlabs-uam",{"title":1086,"description":1087,"ogTitle":1086,"ogDescription":1087,"noIndex":6,"ogImage":1088,"ogUrl":1089,"ogSiteName":918,"ogType":919,"canonicalUrls":1089,"schema":1090},"Self-service security alert handling with GitLab's UAM","The User Attestation Module automates security alerts by routing them directly to team members for verification, reducing manual SecOps work and enhancing audit trails.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749662080/Blog/Hero%20Images/AdobeStock_1097303277.jpg","https://about.gitlab.com/blog/self-service-security-alert-handling-with-gitlabs-uam","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Self-service security alert handling with GitLab's UAM\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Bala Allam\"},{\"@type\":\"Person\",\"name\":\"Matt Coons\"}],\n \"datePublished\": \"2025-03-18\",\n }",{"title":1086,"description":1087,"authors":1092,"heroImage":1088,"date":1094,"category":14,"tags":1095},[1093,943],"Bala Allam","2025-03-18",[14,763,542,726,1096],"open source",{"slug":1098,"featured":6,"template":728},"self-service-security-alert-handling-with-gitlabs-uam","content:en-us:blog:self-service-security-alert-handling-with-gitlabs-uam.yml","Self Service Security Alert Handling With Gitlabs Uam","en-us/blog/self-service-security-alert-handling-with-gitlabs-uam.yml","en-us/blog/self-service-security-alert-handling-with-gitlabs-uam",{"_path":1104,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1105,"content":1111,"config":1115,"_id":1117,"_type":16,"title":1118,"_source":17,"_file":1119,"_stem":1120,"_extension":20},"/en-us/blog/vulnerability-risk-prioritization-made-simple-with-gitlab",{"title":1106,"description":1107,"ogTitle":1106,"ogDescription":1107,"noIndex":6,"ogImage":1108,"ogUrl":1109,"ogSiteName":918,"ogType":919,"canonicalUrls":1109,"schema":1110},"Vulnerability risk prioritization made simple with GitLab","GitLab provides detailed vulnerability risk data to assess the potential impact of detected vulnerabilities. Learn how this enables teams to effectively prioritize remediation efforts.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749674528/Blog/Hero%20Images/blog-image-template-1800x945__5_.png","https://about.gitlab.com/blog/vulnerability-risk-prioritization-made-simple-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Vulnerability risk prioritization made simple with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2025-03-12\",\n }",{"title":1106,"description":1107,"authors":1112,"heroImage":1108,"date":1113,"category":14,"tags":1114},[759],"2025-03-12",[763,14,573],{"slug":1116,"featured":92,"template":728},"vulnerability-risk-prioritization-made-simple-with-gitlab","content:en-us:blog:vulnerability-risk-prioritization-made-simple-with-gitlab.yml","Vulnerability Risk Prioritization Made Simple With Gitlab","en-us/blog/vulnerability-risk-prioritization-made-simple-with-gitlab.yml","en-us/blog/vulnerability-risk-prioritization-made-simple-with-gitlab",{"_path":1122,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1123,"content":1129,"config":1134,"_id":1136,"_type":16,"title":1137,"_source":17,"_file":1138,"_stem":1139,"_extension":20},"/en-us/blog/how-gitlab-measures-red-team-impact-the-adoption-rate-metric",{"title":1124,"description":1125,"ogTitle":1124,"ogDescription":1125,"noIndex":6,"ogImage":1126,"ogUrl":1127,"ogSiteName":918,"ogType":919,"canonicalUrls":1127,"schema":1128},"How GitLab measures Red Team impact: The adoption rate metric","Follow our journey to develop and implement better metrics, including how we used GitLab to track our results end-to-end. Also find out the lessons learned along the way.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663239/Blog/Hero%20Images/AdobeStock_1023776629.jpg","https://about.gitlab.com/blog/how-gitlab-measures-red-team-impact-the-adoption-rate-metric","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab measures Red Team impact: The adoption rate metric\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Chris Moberly\"}],\n \"datePublished\": \"2025-03-05\",\n }",{"title":1124,"description":1125,"authors":1130,"heroImage":1126,"date":1132,"category":14,"tags":1133},[1131],"Chris Moberly","2025-03-05",[14,573,839],{"slug":1135,"featured":6,"template":728},"how-gitlab-measures-red-team-impact-the-adoption-rate-metric","content:en-us:blog:how-gitlab-measures-red-team-impact-the-adoption-rate-metric.yml","How Gitlab Measures Red Team Impact The Adoption Rate Metric","en-us/blog/how-gitlab-measures-red-team-impact-the-adoption-rate-metric.yml","en-us/blog/how-gitlab-measures-red-team-impact-the-adoption-rate-metric",{"_path":1141,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1142,"content":1148,"config":1152,"_id":1154,"_type":16,"title":1155,"_source":17,"_file":1156,"_stem":1157,"_extension":20},"/en-us/blog/introducing-gitlabs-open-source-security-center",{"title":1143,"description":1144,"ogTitle":1143,"ogDescription":1144,"noIndex":6,"ogImage":1145,"ogUrl":1146,"ogSiteName":918,"ogType":919,"canonicalUrls":1146,"schema":1147},"Introducing GitLab’s Open Source Security Center","Our open source repository of projects designed to enhance security operations and risk management will help developers adapt faster, respond smarter, and defend better — together.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749661895/Blog/Hero%20Images/blog-image-template-1800x945__7_.png","https://about.gitlab.com/blog/introducing-gitlabs-open-source-security-center","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing GitLab’s Open Source Security Center\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Salman Ladha\"},{\"@type\":\"Person\",\"name\":\"Joseph Longo\"}],\n \"datePublished\": \"2025-03-04\",\n }",{"title":1143,"description":1144,"authors":1149,"heroImage":1145,"date":1150,"category":14,"tags":1151},[722,923],"2025-03-04",[14,946,1096,573,780],{"slug":1153,"featured":92,"template":728},"introducing-gitlabs-open-source-security-center","content:en-us:blog:introducing-gitlabs-open-source-security-center.yml","Introducing Gitlabs Open Source Security Center","en-us/blog/introducing-gitlabs-open-source-security-center.yml","en-us/blog/introducing-gitlabs-open-source-security-center",{"_path":1159,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1160,"content":1166,"config":1171,"_id":1173,"_type":16,"title":1174,"_source":17,"_file":1175,"_stem":1176,"_extension":20},"/en-us/blog/the-ultimate-guide-to-token-management-at-gitlab",{"title":1161,"description":1162,"ogTitle":1161,"ogDescription":1162,"noIndex":6,"ogImage":1163,"ogUrl":1164,"ogSiteName":918,"ogType":919,"canonicalUrls":1164,"schema":1165},"The ultimate guide to token management at GitLab","Learn all the steps in the end-to-end process of identifying, managing, and securing tokens for improved security across the software development lifecycle.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097408/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_1097303277_6gTk7M1DNx0tFuovupVFB1_1750097407860.jpg","https://about.gitlab.com/blog/the-ultimate-guide-to-token-management-at-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The ultimate guide to token management at GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Hakeem Abdul-Razak\"}],\n \"datePublished\": \"2025-02-25\",\n }",{"title":1161,"description":1162,"authors":1167,"heroImage":1163,"date":1169,"category":14,"tags":1170},[1168],"Hakeem Abdul-Razak","2025-02-25",[763,14,542,780,726],{"slug":1172,"featured":92,"template":728},"the-ultimate-guide-to-token-management-at-gitlab","content:en-us:blog:the-ultimate-guide-to-token-management-at-gitlab.yml","The Ultimate Guide To Token Management At Gitlab","en-us/blog/the-ultimate-guide-to-token-management-at-gitlab.yml","en-us/blog/the-ultimate-guide-to-token-management-at-gitlab",{"_path":1178,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1179,"content":1185,"config":1192,"_id":1194,"_type":16,"title":1195,"_source":17,"_file":1196,"_stem":1197,"_extension":20},"/en-us/blog/how-to-scan-a-full-commit-history-to-detect-sensitive-secrets",{"title":1180,"description":1181,"ogTitle":1180,"ogDescription":1181,"noIndex":6,"ogImage":1182,"ogUrl":1183,"ogSiteName":918,"ogType":919,"canonicalUrls":1183,"schema":1184},"How to scan a full commit history to detect sensitive secrets","Use GitLab Secret Detection to scan a repository's commit history, including branches. View results within the GitLab UI with just a few lines of code added to a pipeline file.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097948/Blog/Hero%20Images/Blog/Hero%20Images/REFERENCE%20-%20display%20preview%20for%20blog%20images%20%281%29_2XDPsbkjQ3o6tcdom6IGxI_1750097948673.png","https://about.gitlab.com/blog/how-to-scan-a-full-commit-history-to-detect-sensitive-secrets","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to scan a full commit history to detect sensitive secrets\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Noah Ing\"},{\"@type\":\"Person\",\"name\":\"Jerez Solis\"}],\n \"datePublished\": \"2025-02-06\",\n }",{"title":1180,"description":1181,"authors":1186,"heroImage":1182,"date":1189,"category":14,"tags":1190},[1187,1188],"Noah Ing","Jerez Solis","2025-02-06",[1191,763,542,780],"solutions architecture",{"slug":1193,"featured":6,"template":728},"how-to-scan-a-full-commit-history-to-detect-sensitive-secrets","content:en-us:blog:how-to-scan-a-full-commit-history-to-detect-sensitive-secrets.yml","How To Scan A Full Commit History To Detect Sensitive Secrets","en-us/blog/how-to-scan-a-full-commit-history-to-detect-sensitive-secrets.yml","en-us/blog/how-to-scan-a-full-commit-history-to-detect-sensitive-secrets",{"_path":1199,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1200,"content":1206,"config":1210,"_id":1212,"_type":16,"title":1213,"_source":17,"_file":1214,"_stem":1215,"_extension":20},"/en-us/blog/tutorial-security-scanning-in-air-gapped-environments",{"title":1201,"description":1202,"ogTitle":1201,"ogDescription":1202,"noIndex":6,"ogImage":1203,"ogUrl":1204,"ogSiteName":918,"ogType":919,"canonicalUrls":1204,"schema":1205},"Tutorial: Security scanning in air-gapped environments","Security scanning remains crucial even in air-gapped environments to detect internal threats, prevent data exfiltration, and maintain operational integrity. Learn how GitLab can help get air-gapped environments secure.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750099301/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_1097303277_6gTk7M1DNx0tFuovupVFB1_1750099300786.jpg","https://about.gitlab.com/blog/tutorial-security-scanning-in-air-gapped-environments","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Tutorial: Security scanning in air-gapped environments\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2025-02-05\",\n }",{"title":1201,"description":1202,"authors":1207,"heroImage":1203,"date":1208,"category":14,"tags":1209},[759],"2025-02-05",[763,14,185,542,780],{"slug":1211,"featured":92,"template":728},"tutorial-security-scanning-in-air-gapped-environments","content:en-us:blog:tutorial-security-scanning-in-air-gapped-environments.yml","Tutorial Security Scanning In Air Gapped Environments","en-us/blog/tutorial-security-scanning-in-air-gapped-environments.yml","en-us/blog/tutorial-security-scanning-in-air-gapped-environments",{"_path":1217,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1218,"content":1223,"config":1227,"_id":1229,"_type":16,"title":1230,"_source":17,"_file":1231,"_stem":1232,"_extension":20},"/en-us/blog/automating-cybersecurity-threat-detections-with-gitlab-ci-cd",{"title":1219,"description":1220,"ogTitle":1219,"ogDescription":1220,"noIndex":6,"ogImage":1126,"ogUrl":1221,"ogSiteName":918,"ogType":919,"canonicalUrls":1221,"schema":1222},"Automating cybersecurity threat detections with GitLab CI/CD","Discover how GUARD automates cybersecurity threat detections through the use\nof GitLab CI/CD and how it ensures high-quality detections.","https://about.gitlab.com/blog/automating-cybersecurity-threat-detections-with-gitlab-ci-cd","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Automating cybersecurity threat detections with GitLab CI/CD\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mitra Jozenazemian\"}],\n \"datePublished\": \"2025-01-29\",\n }",{"title":1219,"description":1220,"authors":1224,"heroImage":1126,"date":1225,"category":14,"tags":1226},[983],"2025-01-29",[14,763,573,542,110],{"slug":1228,"featured":6,"template":728},"automating-cybersecurity-threat-detections-with-gitlab-ci-cd","content:en-us:blog:automating-cybersecurity-threat-detections-with-gitlab-ci-cd.yml","Automating Cybersecurity Threat Detections With Gitlab Ci Cd","en-us/blog/automating-cybersecurity-threat-detections-with-gitlab-ci-cd.yml","en-us/blog/automating-cybersecurity-threat-detections-with-gitlab-ci-cd",{"_path":1234,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1235,"content":1241,"config":1245,"_id":1247,"_type":16,"title":1248,"_source":17,"_file":1249,"_stem":1250,"_extension":20},"/en-us/blog/improve-ai-security-in-gitlab-with-composite-identities",{"title":1236,"description":1237,"ogTitle":1236,"ogDescription":1237,"noIndex":6,"ogImage":1238,"ogUrl":1239,"ogSiteName":918,"ogType":919,"canonicalUrls":1239,"schema":1240},"Improve AI security in GitLab with composite identities","Learn how to implement AI features responsibly by applying authentication best practices with service accounts for AI agents in GitLab.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664638/Blog/Hero%20Images/applicationsecurity.png","https://about.gitlab.com/blog/improve-ai-security-in-gitlab-with-composite-identities","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Improve AI security in GitLab with composite identities\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Grzegorz Bizon\"}],\n \"datePublished\": \"2025-01-29\",\n }",{"title":1236,"description":1237,"authors":1242,"heroImage":1238,"date":1225,"category":14,"tags":1244},[1243],"Grzegorz Bizon",[781,573,14],{"slug":1246,"featured":6,"template":728},"improve-ai-security-in-gitlab-with-composite-identities","content:en-us:blog:improve-ai-security-in-gitlab-with-composite-identities.yml","Improve Ai Security In Gitlab With Composite Identities","en-us/blog/improve-ai-security-in-gitlab-with-composite-identities.yml","en-us/blog/improve-ai-security-in-gitlab-with-composite-identities",{"_path":1252,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1253,"content":1259,"config":1263,"_id":1265,"_type":16,"title":1266,"_source":17,"_file":1267,"_stem":1268,"_extension":20},"/en-us/blog/improve-security-auditing-with-gitlab-operational-container-scanning",{"title":1254,"description":1255,"ogTitle":1254,"ogDescription":1255,"noIndex":6,"ogImage":1256,"ogUrl":1257,"ogSiteName":918,"ogType":919,"canonicalUrls":1257,"schema":1258},"Improve security auditing with GitLab Operational Container Scanning","Learn how to conduct container vulnerability scans post-deployment to raise awareness of existing threats and to track resolution of vulnerabilities.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664654/Blog/Hero%20Images/AdobeStock_1172300481.jpg","https://about.gitlab.com/blog/improve-security-auditing-with-gitlab-operational-container-scanning","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Improve security auditing with GitLab Operational Container Scanning\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Daniel Helfand\"}],\n \"datePublished\": \"2025-01-29\",\n }",{"title":1254,"description":1255,"authors":1260,"heroImage":1256,"date":1225,"category":14,"tags":1262},[1261],"Daniel Helfand",[780,573,763,14,726],{"slug":1264,"featured":6,"template":728},"improve-security-auditing-with-gitlab-operational-container-scanning","content:en-us:blog:improve-security-auditing-with-gitlab-operational-container-scanning.yml","Improve Security Auditing With Gitlab Operational Container Scanning","en-us/blog/improve-security-auditing-with-gitlab-operational-container-scanning.yml","en-us/blog/improve-security-auditing-with-gitlab-operational-container-scanning",{"_path":1270,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1271,"content":1277,"config":1282,"_id":1284,"_type":16,"title":1285,"_source":17,"_file":1286,"_stem":1287,"_extension":20},"/en-us/blog/how-to-gitlab-single-sign-on-with-saml-scim-and-azures-entra-id",{"title":1272,"description":1273,"ogTitle":1272,"ogDescription":1273,"noIndex":6,"ogImage":1274,"ogUrl":1275,"ogSiteName":918,"ogType":919,"canonicalUrls":1275,"schema":1276},"How-to: GitLab Single Sign-on with SAML, SCIM, and Azure’s Entra ID","Follow this detailed walk-through of the configuration steps required to configure GitLab Single Sign-on, using Microsoft Azure’s Entra ID as the identity provider.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098047/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_1097303277_6gTk7M1DNx0tFuovupVFB1_1750098046895.jpg","https://about.gitlab.com/blog/how-to-gitlab-single-sign-on-with-saml-scim-and-azures-entra-id","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How-to: GitLab Single Sign-on with SAML, SCIM, and Azure’s Entra ID\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Rob Jackson\"}],\n \"datePublished\": \"2025-01-23\",\n }",{"title":1272,"description":1273,"authors":1278,"heroImage":1274,"date":1280,"category":14,"tags":1281},[1279],"Rob Jackson","2025-01-23",[763,14,542,573,1191],{"slug":1283,"featured":6,"template":728},"how-to-gitlab-single-sign-on-with-saml-scim-and-azures-entra-id","content:en-us:blog:how-to-gitlab-single-sign-on-with-saml-scim-and-azures-entra-id.yml","How To Gitlab Single Sign On With Saml Scim And Azures Entra Id","en-us/blog/how-to-gitlab-single-sign-on-with-saml-scim-and-azures-entra-id.yml","en-us/blog/how-to-gitlab-single-sign-on-with-saml-scim-and-azures-entra-id",{"_path":1289,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1290,"content":1296,"config":1300,"_id":1302,"_type":16,"title":1303,"_source":17,"_file":1304,"_stem":1305,"_extension":20},"/en-us/blog/guide-to-fulfilling-soc-2-security-requirements-with-gitlab",{"title":1291,"description":1292,"ogTitle":1291,"ogDescription":1292,"noIndex":6,"ogImage":1293,"ogUrl":1294,"ogSiteName":918,"ogType":919,"canonicalUrls":1294,"schema":1295},"Guide to fulfilling SOC 2 security requirements with GitLab","Understand the application security features in the GitLab DevSecOps platform that map to System and Organization Controls 2 requirements.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750099576/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_1172300481_IGPi3TS4VzFgcqhvEdBlR_1750099575518.jpg","https://about.gitlab.com/blog/guide-to-fulfilling-soc-2-security-requirements-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Guide to fulfilling SOC 2 security requirements with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2025-01-22\",\n }",{"title":1291,"description":1292,"authors":1297,"heroImage":1293,"date":1298,"category":14,"tags":1299},[759],"2025-01-22",[763,14,542,780,726],{"slug":1301,"featured":92,"template":728},"guide-to-fulfilling-soc-2-security-requirements-with-gitlab","content:en-us:blog:guide-to-fulfilling-soc-2-security-requirements-with-gitlab.yml","Guide To Fulfilling Soc 2 Security Requirements With Gitlab","en-us/blog/guide-to-fulfilling-soc-2-security-requirements-with-gitlab.yml","en-us/blog/guide-to-fulfilling-soc-2-security-requirements-with-gitlab",{"_path":1307,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1308,"content":1314,"config":1318,"_id":1320,"_type":16,"title":1321,"_source":17,"_file":1322,"_stem":1323,"_extension":20},"/en-us/blog/tutorial-advanced-use-case-for-gitlab-pipeline-execution-policies",{"title":1309,"description":1310,"ogTitle":1309,"ogDescription":1310,"noIndex":6,"ogImage":1311,"ogUrl":1312,"ogSiteName":918,"ogType":919,"canonicalUrls":1312,"schema":1313},"Tutorial: Advanced use case for GitLab Pipeline Execution Policies","Learn how new GitLab Ultimate functionality can enforce a standardized pipeline across an organization for improved compliance.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098083/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_397632156_3Ldy1urjMStQCl4qnOBvE0_1750098083312.jpg","https://about.gitlab.com/blog/tutorial-advanced-use-case-for-gitlab-pipeline-execution-policies","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Tutorial: Advanced use case for GitLab Pipeline Execution Policies\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Dan Rabinovitz\"}],\n \"datePublished\": \"2025-01-22\",\n }",{"title":1309,"description":1310,"authors":1315,"heroImage":1311,"date":1298,"category":14,"tags":1317},[1316],"Dan Rabinovitz",[14,763,185,542,110,780],{"slug":1319,"featured":6,"template":728},"tutorial-advanced-use-case-for-gitlab-pipeline-execution-policies","content:en-us:blog:tutorial-advanced-use-case-for-gitlab-pipeline-execution-policies.yml","Tutorial Advanced Use Case For Gitlab Pipeline Execution Policies","en-us/blog/tutorial-advanced-use-case-for-gitlab-pipeline-execution-policies.yml","en-us/blog/tutorial-advanced-use-case-for-gitlab-pipeline-execution-policies",{"_path":1325,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1326,"content":1332,"config":1338,"_id":1340,"_type":16,"title":1341,"_source":17,"_file":1342,"_stem":1343,"_extension":20},"/en-us/blog/introducing-gitlab-advanced-vulnerability-tracking",{"title":1327,"description":1328,"ogTitle":1327,"ogDescription":1328,"noIndex":6,"ogImage":1329,"ogUrl":1330,"ogSiteName":918,"ogType":919,"canonicalUrls":1330,"schema":1331},"Introducing GitLab Advanced Vulnerability Tracking","Learn how this security feature improves the efficiency of vulnerability management by reducing futile auditing time (includes data from a new study).","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664844/Blog/Hero%20Images/AdobeStock_941867776.jpg","https://about.gitlab.com/blog/introducing-gitlab-advanced-vulnerability-tracking","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing GitLab Advanced Vulnerability Tracking\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Julian Thome\"}],\n \"datePublished\": \"2025-01-21\",\n }",{"title":1327,"description":1328,"authors":1333,"heroImage":1329,"date":1335,"category":14,"tags":1336},[1334],"Julian Thome","2025-01-21",[14,1337,780,542],"security research",{"slug":1339,"featured":6,"template":728},"introducing-gitlab-advanced-vulnerability-tracking","content:en-us:blog:introducing-gitlab-advanced-vulnerability-tracking.yml","Introducing Gitlab Advanced Vulnerability Tracking","en-us/blog/introducing-gitlab-advanced-vulnerability-tracking.yml","en-us/blog/introducing-gitlab-advanced-vulnerability-tracking",{"_path":1345,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1346,"content":1351,"config":1355,"_id":1357,"_type":16,"title":1358,"_source":17,"_file":1359,"_stem":1360,"_extension":20},"/en-us/blog/secure-and-publish-python-packages-a-guide-to-ci-integration",{"title":1347,"description":1348,"ogTitle":1347,"ogDescription":1348,"noIndex":6,"ogImage":1088,"ogUrl":1349,"ogSiteName":918,"ogType":919,"canonicalUrls":1349,"schema":1350},"Secure and publish Python packages: A guide to CI integration","Learn how to implement a secure CI/CD pipeline across five stages with the GitLab DevSecOps platform.","https://about.gitlab.com/blog/secure-and-publish-python-packages-a-guide-to-ci-integration","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Secure and publish Python packages: A guide to CI integration\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Tim Rizzi\"}],\n \"datePublished\": \"2025-01-21\",\n }",{"title":1347,"description":1348,"authors":1352,"heroImage":1088,"date":1335,"category":14,"tags":1353},[963],[14,232,283,780,1354,110,542,763,1191],"CI",{"slug":1356,"featured":92,"template":728},"secure-and-publish-python-packages-a-guide-to-ci-integration","content:en-us:blog:secure-and-publish-python-packages-a-guide-to-ci-integration.yml","Secure And Publish Python Packages A Guide To Ci Integration","en-us/blog/secure-and-publish-python-packages-a-guide-to-ci-integration.yml","en-us/blog/secure-and-publish-python-packages-a-guide-to-ci-integration",{"_path":1362,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1363,"content":1369,"config":1375,"_id":1377,"_type":16,"title":1378,"_source":17,"_file":1379,"_stem":1380,"_extension":20},"/en-us/blog/what-the-digital-operational-resilience-act-means-for-banks",{"title":1364,"description":1365,"ogTitle":1364,"ogDescription":1365,"noIndex":6,"ogImage":1366,"ogUrl":1367,"ogSiteName":918,"ogType":919,"canonicalUrls":1367,"schema":1368},"What the Digital Operational Resilience Act means for banks","Find out why financial institutions need to understand the DORA legislative framework introduced in the European Union to strengthen operational resilience.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098149/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%284%29_3LZkiDjHLjhqEkvOvBsVKp_1750098149751.png","https://about.gitlab.com/blog/what-the-digital-operational-resilience-act-means-for-banks","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"What the Digital Operational Resilience Act means for banks\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joshua Carroll\"},{\"@type\":\"Person\",\"name\":\"Allie Holland\"}],\n \"datePublished\": \"2025-01-15\",\n }",{"title":1364,"description":1365,"authors":1370,"heroImage":1366,"date":1373,"category":14,"tags":1374},[1371,1372],"Joshua Carroll","Allie Holland","2025-01-15",[635,14,542,573],{"slug":1376,"featured":6,"template":728},"what-the-digital-operational-resilience-act-means-for-banks","content:en-us:blog:what-the-digital-operational-resilience-act-means-for-banks.yml","What The Digital Operational Resilience Act Means For Banks","en-us/blog/what-the-digital-operational-resilience-act-means-for-banks.yml","en-us/blog/what-the-digital-operational-resilience-act-means-for-banks",{"_path":1382,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1383,"content":1389,"config":1394,"_id":1396,"_type":16,"title":1397,"_source":17,"_file":1398,"_stem":1399,"_extension":20},"/en-us/blog/gitlab-supports-banks-in-navigating-regulatory-challenges",{"title":1384,"description":1385,"ogTitle":1384,"ogDescription":1385,"noIndex":6,"ogImage":1386,"ogUrl":1387,"ogSiteName":918,"ogType":919,"canonicalUrls":1387,"schema":1388},"GitLab supports banks in navigating regulatory challenges","Learn the upcoming changes to key frameworks, how they impact organizations, and the DevSecOps platform features that can help address them.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664874/Blog/Hero%20Images/AdobeStock_880918603.jpg","https://about.gitlab.com/blog/gitlab-supports-banks-in-navigating-regulatory-challenges","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab supports banks in navigating regulatory challenges\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"George Kichukov\"},{\"@type\":\"Person\",\"name\":\"Allie Holland\"}],\n \"datePublished\": \"2025-01-09\",\n }",{"title":1384,"description":1385,"authors":1390,"heroImage":1386,"date":1392,"category":14,"tags":1393},[1391,1372],"George Kichukov","2025-01-09",[635,573,542,14],{"slug":1395,"featured":6,"template":728},"gitlab-supports-banks-in-navigating-regulatory-challenges","content:en-us:blog:gitlab-supports-banks-in-navigating-regulatory-challenges.yml","Gitlab Supports Banks In Navigating Regulatory Challenges","en-us/blog/gitlab-supports-banks-in-navigating-regulatory-challenges.yml","en-us/blog/gitlab-supports-banks-in-navigating-regulatory-challenges",{"_path":1401,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1402,"content":1407,"config":1411,"_id":1413,"_type":16,"title":1414,"_source":17,"_file":1415,"_stem":1416,"_extension":20},"/en-us/blog/reduce-supply-chain-risk-with-smarter-vulnerability-prioritization",{"title":1403,"description":1404,"ogTitle":1403,"ogDescription":1404,"noIndex":6,"ogImage":1108,"ogUrl":1405,"ogSiteName":918,"ogType":919,"canonicalUrls":1405,"schema":1406},"Reduce supply chain risk with smarter vulnerability prioritization","New software composition analysis features use risk-based intelligence so developers and security teams can prioritize critical vulnerabilities for targeted remediation.","https://about.gitlab.com/blog/reduce-supply-chain-risk-with-smarter-vulnerability-prioritization","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Reduce supply chain risk with smarter vulnerability prioritization\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Salman Ladha\"}],\n \"datePublished\": \"2025-01-07\",\n }",{"title":1403,"description":1404,"authors":1408,"heroImage":1108,"date":1409,"category":14,"tags":1410},[722],"2025-01-07",[14,780,542,726],{"slug":1412,"featured":92,"template":728},"reduce-supply-chain-risk-with-smarter-vulnerability-prioritization","content:en-us:blog:reduce-supply-chain-risk-with-smarter-vulnerability-prioritization.yml","Reduce Supply Chain Risk With Smarter Vulnerability Prioritization","en-us/blog/reduce-supply-chain-risk-with-smarter-vulnerability-prioritization.yml","en-us/blog/reduce-supply-chain-risk-with-smarter-vulnerability-prioritization",{"_path":1418,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1419,"content":1425,"config":1428,"_id":1430,"_type":16,"title":1431,"_source":17,"_file":1432,"_stem":1433,"_extension":20},"/en-us/blog/streamline-the-path-to-cmmc-level-2-compliance-with-gitlab",{"title":1420,"description":1421,"ogTitle":1420,"ogDescription":1421,"noIndex":6,"ogImage":1422,"ogUrl":1423,"ogSiteName":918,"ogType":919,"canonicalUrls":1423,"schema":1424},"Streamline the path to CMMC Level 2 compliance with GitLab","Learn how GitLab’s comprehensive, AI-powered DevSecOps platform can help organizations meet Cybersecurity Maturity Model Certification Level 2 compliance requirements.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098208/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_479904468%20%281%29_4lmOEVlaXP0YC3hSFmOw6i_1750098208185.jpg","https://about.gitlab.com/blog/streamline-the-path-to-cmmc-level-2-compliance-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Streamline the path to CMMC Level 2 compliance with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joseph Longo\"}],\n \"datePublished\": \"2025-01-07\",\n }",{"title":1420,"description":1421,"authors":1426,"heroImage":1422,"date":1409,"category":14,"tags":1427},[923],[14,542,185],{"slug":1429,"featured":6,"template":728},"streamline-the-path-to-cmmc-level-2-compliance-with-gitlab","content:en-us:blog:streamline-the-path-to-cmmc-level-2-compliance-with-gitlab.yml","Streamline The Path To Cmmc Level 2 Compliance With Gitlab","en-us/blog/streamline-the-path-to-cmmc-level-2-compliance-with-gitlab.yml","en-us/blog/streamline-the-path-to-cmmc-level-2-compliance-with-gitlab",{"_path":1435,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1436,"content":1441,"config":1446,"_id":1448,"_type":16,"title":1449,"_source":17,"_file":1450,"_stem":1451,"_extension":20},"/en-us/blog/gitlabs-2024-bug-bounty-year-in-review",{"title":1437,"description":1438,"ogTitle":1437,"ogDescription":1438,"noIndex":6,"ogImage":1329,"ogUrl":1439,"ogSiteName":918,"ogType":919,"canonicalUrls":1439,"schema":1440},"GitLab's 2024 bug bounty year in review","Who were the 2024 top 5 bug reporters? Find out in this look back at 12 months of bug hunting. Also learn how to participate in 2025's bug bounty program.","https://about.gitlab.com/blog/gitlabs-2024-bug-bounty-year-in-review","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab's 2024 bug bounty year in review\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Ottilia Westerlund\"}],\n \"datePublished\": \"2025-01-06\",\n }",{"title":1437,"description":1438,"authors":1442,"heroImage":1329,"date":1444,"category":14,"tags":1445},[1443],"Ottilia Westerlund","2025-01-06",[1041,14,268],{"slug":1447,"featured":6,"template":728},"gitlabs-2024-bug-bounty-year-in-review","content:en-us:blog:gitlabs-2024-bug-bounty-year-in-review.yml","Gitlabs 2024 Bug Bounty Year In Review","en-us/blog/gitlabs-2024-bug-bounty-year-in-review.yml","en-us/blog/gitlabs-2024-bug-bounty-year-in-review",{"_path":1453,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1454,"content":1460,"config":1465,"_id":1467,"_type":16,"title":1468,"_source":17,"_file":1469,"_stem":1470,"_extension":20},"/en-us/blog/3-signs-your-team-is-ready-to-uplevel-security-controls-in-gitlab",{"title":1455,"description":1456,"ogTitle":1455,"ogDescription":1456,"noIndex":6,"ogImage":1457,"ogUrl":1458,"ogSiteName":918,"ogType":919,"canonicalUrls":1458,"schema":1459},"3 signs your team is ready to uplevel security controls in GitLab","Learn when to upgrade your GitLab security practices, from permission management to compliance adherence. Discover key features in GitLab Premium that scale with your team.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664299/Blog/Hero%20Images/AdobeStock_887599633.jpg","https://about.gitlab.com/blog/3-signs-your-team-is-ready-to-uplevel-security-controls-in-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"3 signs your team is ready to uplevel security controls in GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Julie Griffin\"}],\n \"datePublished\": \"2024-12-18\",\n }",{"title":1455,"description":1456,"authors":1461,"heroImage":1457,"date":1463,"category":14,"tags":1464},[1462],"Julie Griffin","2024-12-18",[14,542,780],{"slug":1466,"featured":92,"template":728},"3-signs-your-team-is-ready-to-uplevel-security-controls-in-gitlab","content:en-us:blog:3-signs-your-team-is-ready-to-uplevel-security-controls-in-gitlab.yml","3 Signs Your Team Is Ready To Uplevel Security Controls In Gitlab","en-us/blog/3-signs-your-team-is-ready-to-uplevel-security-controls-in-gitlab.yml","en-us/blog/3-signs-your-team-is-ready-to-uplevel-security-controls-in-gitlab",{"_path":1472,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1473,"content":1478,"config":1484,"_id":1486,"_type":16,"title":1487,"_source":17,"_file":1488,"_stem":1489,"_extension":20},"/en-us/blog/unveiling-the-guard-framework-to-automate-security-detections-at-gitlab",{"title":1474,"description":1475,"ogTitle":1474,"ogDescription":1475,"noIndex":6,"ogImage":916,"ogUrl":1476,"ogSiteName":918,"ogType":919,"canonicalUrls":1476,"schema":1477},"Unveiling the GUARD framework to automate security detections at GitLab","The GitLab Universal Automated Response and Detection (GUARD) framework spans creation, maintenance, alert routing and handling, rich metrics collection, and more.","https://about.gitlab.com/blog/unveiling-the-guard-framework-to-automate-security-detections-at-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Unveiling the GUARD framework to automate security detections at GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Harjeet Sharma\"},{\"@type\":\"Person\",\"name\":\"Valentine Mairet\"},{\"@type\":\"Person\",\"name\":\"Matt Coons\"}],\n \"datePublished\": \"2024-11-26\",\n }",{"title":1474,"description":1475,"authors":1479,"heroImage":916,"date":1482,"category":14,"tags":1483,"updatedDate":1482},[1480,1481,943],"Harjeet Sharma","Valentine Mairet","2024-11-26",[14,780,542],{"slug":1485,"featured":92,"template":728},"unveiling-the-guard-framework-to-automate-security-detections-at-gitlab","content:en-us:blog:unveiling-the-guard-framework-to-automate-security-detections-at-gitlab.yml","Unveiling The Guard Framework To Automate Security Detections At Gitlab","en-us/blog/unveiling-the-guard-framework-to-automate-security-detections-at-gitlab.yml","en-us/blog/unveiling-the-guard-framework-to-automate-security-detections-at-gitlab",{"_path":1491,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1492,"content":1498,"config":1505,"_id":1507,"_type":16,"title":1508,"_source":17,"_file":1509,"_stem":1510,"_extension":20},"/en-us/blog/enable-secure-sudo-access-for-gitlab-remote-development-workspaces",{"title":1493,"description":1494,"ogTitle":1493,"ogDescription":1494,"noIndex":6,"ogImage":1495,"ogUrl":1496,"ogSiteName":918,"ogType":919,"canonicalUrls":1496,"schema":1497},"Enable secure sudo access for GitLab Remote Development workspaces","Learn how to allow support for sudo commands using Sysbox, Kata Containers, and user namespaces in this easy-to-follow tutorial.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749675033/Blog/Hero%20Images/blog-image-template-1800x945.png","https://about.gitlab.com/blog/enable-secure-sudo-access-for-gitlab-remote-development-workspaces","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Enable secure sudo access for GitLab Remote Development workspaces\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Vishal Tak\"}],\n \"datePublished\": \"2024-11-20\",\n }",{"title":1493,"description":1494,"authors":1499,"heroImage":1495,"date":1501,"category":14,"tags":1502},[1500],"Vishal Tak","2024-11-20",[14,763,1503,542,1504],"remote work","collaboration",{"slug":1506,"featured":92,"template":728},"enable-secure-sudo-access-for-gitlab-remote-development-workspaces","content:en-us:blog:enable-secure-sudo-access-for-gitlab-remote-development-workspaces.yml","Enable Secure Sudo Access For Gitlab Remote Development Workspaces","en-us/blog/enable-secure-sudo-access-for-gitlab-remote-development-workspaces.yml","en-us/blog/enable-secure-sudo-access-for-gitlab-remote-development-workspaces",{"_path":1512,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1513,"content":1519,"config":1523,"_id":1525,"_type":16,"title":1526,"_source":17,"_file":1527,"_stem":1528,"_extension":20},"/en-us/blog/best-practices-to-keep-secrets-out-of-gitlab-repositories",{"title":1514,"description":1515,"ogTitle":1514,"ogDescription":1515,"noIndex":6,"ogImage":1516,"ogUrl":1517,"ogSiteName":918,"ogType":919,"canonicalUrls":1517,"schema":1518},"Best practices to keep secrets out of GitLab repositories","Learn strategies to secure secrets and what to do if secrets are accidentally leaked in a GitLab repository.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749665667/Blog/Hero%20Images/built-in-security.jpg","https://about.gitlab.com/blog/best-practices-to-keep-secrets-out-of-gitlab-repositories","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Best practices to keep secrets out of GitLab repositories\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Matt Coons\"}],\n \"datePublished\": \"2024-10-31\",\n }",{"title":1514,"description":1515,"authors":1520,"heroImage":1516,"date":1521,"category":14,"tags":1522},[943],"2024-10-31",[14],{"slug":1524,"featured":92,"template":728},"best-practices-to-keep-secrets-out-of-gitlab-repositories","content:en-us:blog:best-practices-to-keep-secrets-out-of-gitlab-repositories.yml","Best Practices To Keep Secrets Out Of Gitlab Repositories","en-us/blog/best-practices-to-keep-secrets-out-of-gitlab-repositories.yml","en-us/blog/best-practices-to-keep-secrets-out-of-gitlab-repositories",{"_path":1530,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1531,"content":1537,"config":1543,"_id":1545,"_type":16,"title":1546,"_source":17,"_file":1547,"_stem":1548,"_extension":20},"/en-us/blog/new-cis-gitlab-benchmark-scanner-boosts-security-and-compliance",{"title":1532,"description":1533,"ogTitle":1532,"ogDescription":1533,"noIndex":6,"ogImage":1534,"ogUrl":1535,"ogSiteName":918,"ogType":919,"canonicalUrls":1535,"schema":1536},"New CIS GitLab Benchmark scanner boosts security and compliance","GitLab's gitlabcis scanner determines level of compliance for GitLab projects. Learn how to install and use the tool with this tutorial, as well as what's on the roadmap.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664530/Blog/Hero%20Images/AdobeStock_282096522.jpg","https://about.gitlab.com/blog/new-cis-gitlab-benchmark-scanner-boosts-security-and-compliance","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"New CIS GitLab Benchmark scanner boosts security and compliance\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mitra Jozenazemian\"},{\"@type\":\"Person\",\"name\":\"Neil McDonald\"},{\"@type\":\"Person\",\"name\":\"Nate Rosandich\"}],\n \"datePublished\": \"2024-10-29\",\n }",{"title":1532,"description":1533,"authors":1538,"heroImage":1534,"date":1541,"category":14,"tags":1542},[983,1539,1540],"Neil McDonald","Nate Rosandich","2024-10-29",[14,780,573],{"slug":1544,"featured":6,"template":728},"new-cis-gitlab-benchmark-scanner-boosts-security-and-compliance","content:en-us:blog:new-cis-gitlab-benchmark-scanner-boosts-security-and-compliance.yml","New Cis Gitlab Benchmark Scanner Boosts Security And Compliance","en-us/blog/new-cis-gitlab-benchmark-scanner-boosts-security-and-compliance.yml","en-us/blog/new-cis-gitlab-benchmark-scanner-boosts-security-and-compliance",{"_path":1550,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1551,"content":1557,"config":1563,"_id":1565,"_type":16,"title":1566,"_source":17,"_file":1567,"_stem":1568,"_extension":20},"/en-us/blog/5-things-to-know-from-our-linkedin-live-security-deep-dive",{"title":1552,"description":1553,"ogTitle":1552,"ogDescription":1553,"noIndex":6,"ogImage":1554,"ogUrl":1555,"ogSiteName":918,"ogType":919,"canonicalUrls":1555,"schema":1556},"5 things to know from our LinkedIn Live Security Deep Dive","Security experts and product leaders offered their take on new developments in application security and the latest from GitLab 17.5.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659856/Blog/Hero%20Images/blog-hero-banner-1-0178-820x470-fy25.png","https://about.gitlab.com/blog/5-things-to-know-from-our-linkedin-live-security-deep-dive","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"5 things to know from our LinkedIn Live Security Deep Dive\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fatima Sarah Khalid\"}],\n \"datePublished\": \"2024-10-28\",\n }",{"title":1552,"description":1553,"authors":1558,"heroImage":1554,"date":1560,"category":14,"tags":1561},[1559],"Fatima Sarah Khalid","2024-10-28",[781,14,1562,573,780],"webcast",{"slug":1564,"featured":92,"template":728},"5-things-to-know-from-our-linkedin-live-security-deep-dive","content:en-us:blog:5-things-to-know-from-our-linkedin-live-security-deep-dive.yml","5 Things To Know From Our Linkedin Live Security Deep Dive","en-us/blog/5-things-to-know-from-our-linkedin-live-security-deep-dive.yml","en-us/blog/5-things-to-know-from-our-linkedin-live-security-deep-dive",{"_path":1570,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1571,"content":1577,"config":1582,"_id":1584,"_type":16,"title":1585,"_source":17,"_file":1586,"_stem":1587,"_extension":20},"/en-us/blog/why-gitlab-is-deprecating-compliance-pipelines-in-favor-of-security-policies",{"title":1572,"description":1573,"ogTitle":1572,"ogDescription":1573,"noIndex":6,"ogImage":1574,"ogUrl":1575,"ogSiteName":918,"ogType":919,"canonicalUrls":1575,"schema":1576},"GitLab moves from compliance pipelines to security policies","Learn about our decision to deprecate compliance pipelines and how to migrate to pipeline execution policies. The process is detailed in this tutorial.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098128/Blog/Hero%20Images/Blog/Hero%20Images/security-checklist_security-checklist.png_1750098128272.png","https://about.gitlab.com/blog/why-gitlab-is-deprecating-compliance-pipelines-in-favor-of-security-policies","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Why GitLab is deprecating compliance pipelines in favor of security policies\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Ian Khor\"}],\n \"datePublished\": \"2024-10-01\",\n }",{"title":1578,"description":1573,"authors":1579,"heroImage":1574,"date":1580,"category":14,"tags":1581},"Why GitLab is deprecating compliance pipelines in favor of security policies",[1020],"2024-10-01",[14,763,573,110],{"slug":1583,"featured":92,"template":728},"why-gitlab-is-deprecating-compliance-pipelines-in-favor-of-security-policies","content:en-us:blog:why-gitlab-is-deprecating-compliance-pipelines-in-favor-of-security-policies.yml","Why Gitlab Is Deprecating Compliance Pipelines In Favor Of Security Policies","en-us/blog/why-gitlab-is-deprecating-compliance-pipelines-in-favor-of-security-policies.yml","en-us/blog/why-gitlab-is-deprecating-compliance-pipelines-in-favor-of-security-policies",{"_path":1589,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1590,"content":1596,"config":1601,"_id":1603,"_type":16,"title":1604,"_source":17,"_file":1605,"_stem":1606,"_extension":20},"/en-us/blog/gitlab-advanced-sast-is-now-generally-available",{"title":1591,"description":1592,"ogTitle":1591,"ogDescription":1592,"noIndex":6,"ogImage":1593,"ogUrl":1594,"ogSiteName":918,"ogType":919,"canonicalUrls":1594,"schema":1595},"GitLab Advanced SAST is now generally available","Reduce false positives, shorten remediation time, and improve development velocity with a proprietary solution built into GitLab.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749665917/Blog/Hero%20Images/blog-advanced-sast-creative-imagery-0390-1800x945-fy25.png","https://about.gitlab.com/blog/gitlab-advanced-sast-is-now-generally-available","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab Advanced SAST is now generally available\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Salman Ladha\"},{\"@type\":\"Person\",\"name\":\"Connor Gilbert\"}],\n \"datePublished\": \"2024-09-19\",\n }",{"title":1591,"description":1592,"authors":1597,"heroImage":1593,"date":1599,"category":14,"tags":1600},[722,1598],"Connor Gilbert","2024-09-19",[14,946,780,573,726],{"slug":1602,"featured":92,"template":728},"gitlab-advanced-sast-is-now-generally-available","content:en-us:blog:gitlab-advanced-sast-is-now-generally-available.yml","Gitlab Advanced Sast Is Now Generally Available","en-us/blog/gitlab-advanced-sast-is-now-generally-available.yml","en-us/blog/gitlab-advanced-sast-is-now-generally-available",{"_path":1608,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1609,"content":1615,"config":1618,"_id":1620,"_type":16,"title":1621,"_source":17,"_file":1622,"_stem":1623,"_extension":20},"/en-us/blog/secure-open-source-container-infrastructure-with-gitlab-and-chainguard",{"title":1610,"description":1611,"ogTitle":1610,"ogDescription":1611,"noIndex":6,"ogImage":1612,"ogUrl":1613,"ogSiteName":918,"ogType":919,"canonicalUrls":1613,"schema":1614},"Secure open source container infrastructure with GitLab and Chainguard","Learn how GitLab + Chainguard can help deliver secure containerized applications faster. This tutorial includes easy-to-follow code examples.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098693/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%2823%29_2w6waL76KROjhJHM2vXet6_1750098693265.png","https://about.gitlab.com/blog/secure-open-source-container-infrastructure-with-gitlab-and-chainguard","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Secure open source container infrastructure with GitLab and Chainguard\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2024-09-09\",\n }",{"title":1610,"description":1611,"authors":1616,"heroImage":1612,"date":1617,"category":14},[759],"2024-09-09",{"slug":1619,"featured":6,"template":728},"secure-open-source-container-infrastructure-with-gitlab-and-chainguard","content:en-us:blog:secure-open-source-container-infrastructure-with-gitlab-and-chainguard.yml","Secure Open Source Container Infrastructure With Gitlab And Chainguard","en-us/blog/secure-open-source-container-infrastructure-with-gitlab-and-chainguard.yml","en-us/blog/secure-open-source-container-infrastructure-with-gitlab-and-chainguard",{"_path":1625,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1626,"content":1632,"config":1638,"_id":1640,"_type":16,"title":1641,"_source":17,"_file":1642,"_stem":1643,"_extension":20},"/en-us/blog/annotate-container-images-with-build-provenance-using-cosign-in-gitlab-ci-cd",{"title":1627,"description":1628,"ogTitle":1627,"ogDescription":1628,"noIndex":6,"ogImage":1629,"ogUrl":1630,"ogSiteName":918,"ogType":919,"canonicalUrls":1630,"schema":1631},"Container image provenance with Cosign in GitLab CI/CD","Use GitLab pipelines to automate building, signing, and annotating Docker images. This tutorial shares code to show you how. Try it out in your own organization.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098395/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%2823%29_2w6waL76KROjhJHM2vXet6_1750098395162.png","https://about.gitlab.com/blog/annotate-container-images-with-build-provenance-using-cosign-in-gitlab-ci-cd","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Annotate container images with build provenance using Cosign in GitLab CI/CD\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"João Pereira\"},{\"@type\":\"Person\",\"name\":\"Tim Rizzi\"}],\n \"datePublished\": \"2024-09-04\",\n }",{"title":1633,"description":1628,"authors":1634,"heroImage":1629,"date":1636,"category":14,"tags":1637},"Annotate container images with build provenance using Cosign in GitLab CI/CD",[1635,963],"João Pereira","2024-09-04",[14,763,726,780],{"slug":1639,"featured":6,"template":728},"annotate-container-images-with-build-provenance-using-cosign-in-gitlab-ci-cd","content:en-us:blog:annotate-container-images-with-build-provenance-using-cosign-in-gitlab-ci-cd.yml","Annotate Container Images With Build Provenance Using Cosign In Gitlab Ci Cd","en-us/blog/annotate-container-images-with-build-provenance-using-cosign-in-gitlab-ci-cd.yml","en-us/blog/annotate-container-images-with-build-provenance-using-cosign-in-gitlab-ci-cd",{"_path":1645,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1646,"content":1652,"config":1658,"_id":1660,"_type":16,"title":1661,"_source":17,"_file":1662,"_stem":1663,"_extension":20},"/en-us/blog/how-to-choose-the-right-security-scanning-approach",{"title":1647,"description":1648,"ogTitle":1647,"ogDescription":1648,"noIndex":6,"ogImage":1649,"ogUrl":1650,"ogSiteName":918,"ogType":919,"canonicalUrls":1650,"schema":1651},"How to choose the right security scanning approach","GitLab offers multiple scanning methods for CI/CD pipelines, including compliance frameworks and scan and pipeline execution policies. Learn the basics, configurations, and advantages/disadvantages.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097969/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_282096522_securitycompliance.jpeg_1750097968823.jpg","https://about.gitlab.com/blog/how-to-choose-the-right-security-scanning-approach","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to choose the right security scanning approach\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Matt Genelin\"},{\"@type\":\"Person\",\"name\":\"Mathias Ewald\"}],\n \"datePublished\": \"2024-08-26\",\n }",{"title":1647,"description":1648,"authors":1653,"heroImage":1649,"date":1656,"category":14,"tags":1657},[1654,1655],"Matt Genelin","Mathias Ewald","2024-08-26",[14,763,110],{"slug":1659,"featured":92,"template":728},"how-to-choose-the-right-security-scanning-approach","content:en-us:blog:how-to-choose-the-right-security-scanning-approach.yml","How To Choose The Right Security Scanning Approach","en-us/blog/how-to-choose-the-right-security-scanning-approach.yml","en-us/blog/how-to-choose-the-right-security-scanning-approach",{"_path":1665,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1666,"content":1672,"config":1676,"_id":1678,"_type":16,"title":1679,"_source":17,"_file":1680,"_stem":1681,"_extension":20},"/en-us/blog/how-gitlab-helps-meet-nis2-requirements",{"title":1667,"description":1668,"ogTitle":1667,"ogDescription":1668,"noIndex":6,"ogImage":1669,"ogUrl":1670,"ogSiteName":918,"ogType":919,"canonicalUrls":1670,"schema":1671},"How GitLab helps meet NIS2 requirements","The EU's NIS2 cybersecurity legislation focuses on resilience, incident response, and risk management. Learn how GitLab's DevSecOps platform helps meet these compliance requirements.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659437/Blog/Hero%20Images/AdobeStock_398929148.jpg","https://about.gitlab.com/blog/how-gitlab-helps-meet-nis2-requirements","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab helps meet NIS2 requirements\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joseph Longo\"}],\n \"datePublished\": \"2024-08-20\",\n }",{"title":1667,"description":1668,"authors":1673,"heroImage":1669,"date":1674,"category":14,"tags":1675},[923],"2024-08-20",[542,14,726],{"slug":1677,"featured":92,"template":728},"how-gitlab-helps-meet-nis2-requirements","content:en-us:blog:how-gitlab-helps-meet-nis2-requirements.yml","How Gitlab Helps Meet Nis2 Requirements","en-us/blog/how-gitlab-helps-meet-nis2-requirements.yml","en-us/blog/how-gitlab-helps-meet-nis2-requirements",{"_path":1683,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1684,"content":1690,"config":1696,"_id":1698,"_type":16,"title":1699,"_source":17,"_file":1700,"_stem":1701,"_extension":20},"/en-us/blog/finserv-how-to-implement-gitlabs-separation-of-duties-features",{"title":1685,"description":1686,"ogTitle":1685,"ogDescription":1686,"noIndex":6,"ogImage":1687,"ogUrl":1688,"ogSiteName":918,"ogType":919,"canonicalUrls":1688,"schema":1689},"FinServ: How to implement GitLab's separation of duties features","Learn how GitLab ensures secure, compliant software development with separation of duties in the financial services sector, including features that help adhere to regulatory frameworks.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097688/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%286%29_6vL96ttKF8zJLLqfPpvFs_1750097687913.png","https://about.gitlab.com/blog/finserv-how-to-implement-gitlabs-separation-of-duties-features","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"FinServ: How to implement GitLab's separation of duties features\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Cherry Han\"},{\"@type\":\"Person\",\"name\":\"Gavin Peltz\"}],\n \"datePublished\": \"2024-08-13\",\n }",{"title":1685,"description":1686,"authors":1691,"heroImage":1687,"date":1694,"category":14,"tags":1695},[1692,1693],"Cherry Han","Gavin Peltz","2024-08-13",[14,542,726,635],{"slug":1697,"featured":6,"template":728},"finserv-how-to-implement-gitlabs-separation-of-duties-features","content:en-us:blog:finserv-how-to-implement-gitlabs-separation-of-duties-features.yml","Finserv How To Implement Gitlabs Separation Of Duties Features","en-us/blog/finserv-how-to-implement-gitlabs-separation-of-duties-features.yml","en-us/blog/finserv-how-to-implement-gitlabs-separation-of-duties-features",{"_path":1703,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1704,"content":1709,"config":1714,"_id":1716,"_type":16,"title":1717,"_source":17,"_file":1718,"_stem":1719,"_extension":20},"/en-us/blog/how-gitlab-supports-the-fedramp-authorization-journey",{"title":1705,"description":1706,"ogTitle":1705,"ogDescription":1706,"noIndex":6,"ogImage":916,"ogUrl":1707,"ogSiteName":918,"ogType":919,"canonicalUrls":1707,"schema":1708},"How GitLab supports the FedRAMP authorization journey","This comprehensive guide dives into the FedRAMP certification process, explaining how GitLab offers guidance and best practices for configuration and compliance.","https://about.gitlab.com/blog/how-gitlab-supports-the-fedramp-authorization-journey","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab supports the FedRAMP authorization journey\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Christian Nnachi\"}],\n \"datePublished\": \"2024-08-07\",\n }",{"title":1705,"description":1706,"authors":1710,"heroImage":916,"date":1712,"category":14,"tags":1713},[1711],"Christian Nnachi","2024-08-07",[763,185,573],{"slug":1715,"featured":92,"template":728},"how-gitlab-supports-the-fedramp-authorization-journey","content:en-us:blog:how-gitlab-supports-the-fedramp-authorization-journey.yml","How Gitlab Supports The Fedramp Authorization Journey","en-us/blog/how-gitlab-supports-the-fedramp-authorization-journey.yml","en-us/blog/how-gitlab-supports-the-fedramp-authorization-journey",{"_path":1721,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1722,"content":1728,"config":1732,"_id":1734,"_type":16,"title":1735,"_source":17,"_file":1736,"_stem":1737,"_extension":20},"/en-us/blog/get-to-know-the-security-and-governance-updates-in-gitlab-17-17-1",{"title":1723,"description":1724,"ogTitle":1723,"ogDescription":1724,"noIndex":6,"ogImage":1725,"ogUrl":1726,"ogSiteName":918,"ogType":919,"canonicalUrls":1726,"schema":1727},"Get to know the security and governance updates in GitLab 17, 17.1","Dive deep into the new enhancements that can strengthen your organization's security posture, including how-to videos for SAST, DAST, API security, container registry, and more.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098858/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_282096522_securitycompliance.jpeg_1750098857843.jpg","https://about.gitlab.com/blog/get-to-know-the-security-and-governance-updates-in-gitlab-17-17-1","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Get to know the security and governance updates in GitLab 17, 17.1\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2024-07-17\",\n }",{"title":1723,"description":1724,"authors":1729,"heroImage":1725,"date":1730,"category":14,"tags":1731},[759],"2024-07-17",[14,726,763,542,780],{"slug":1733,"featured":92,"template":728},"get-to-know-the-security-and-governance-updates-in-gitlab-17-17-1","content:en-us:blog:get-to-know-the-security-and-governance-updates-in-gitlab-17-17-1.yml","Get To Know The Security And Governance Updates In Gitlab 17 17 1","en-us/blog/get-to-know-the-security-and-governance-updates-in-gitlab-17-17-1.yml","en-us/blog/get-to-know-the-security-and-governance-updates-in-gitlab-17-17-1",{"_path":1739,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1740,"content":1745,"config":1750,"_id":1752,"_type":16,"title":1753,"_source":17,"_file":1754,"_stem":1755,"_extension":20},"/en-us/blog/faq-the-regresshion-vulnerability-and-gitlab",{"title":1741,"description":1742,"ogTitle":1741,"ogDescription":1742,"noIndex":6,"ogImage":898,"ogUrl":1743,"ogSiteName":918,"ogType":919,"canonicalUrls":1743,"schema":1744},"FAQ: The RegreSSHion vulnerability and GitLab","Find out what CVE-2024-6387 is, how it impacts GitLab, and what you need to know to mitigate it in your GitLab environment.","https://about.gitlab.com/blog/faq-the-regresshion-vulnerability-and-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"FAQ: The RegreSSHion vulnerability and GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2024-07-09\",\n }",{"title":1741,"description":1742,"authors":1746,"heroImage":898,"date":1748,"category":14,"tags":1749},[1747],"Mark Loveless","2024-07-09",[14],{"slug":1751,"featured":92,"template":728},"faq-the-regresshion-vulnerability-and-gitlab","content:en-us:blog:faq-the-regresshion-vulnerability-and-gitlab.yml","Faq The Regresshion Vulnerability And Gitlab","en-us/blog/faq-the-regresshion-vulnerability-and-gitlab.yml","en-us/blog/faq-the-regresshion-vulnerability-and-gitlab",{"_path":1757,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1758,"content":1764,"config":1771,"_id":1773,"_type":16,"title":1774,"_source":17,"_file":1775,"_stem":1776,"_extension":20},"/en-us/blog/prevent-secret-leaks-in-source-code-with-gitlab-secret-push-protection",{"title":1759,"description":1760,"ogTitle":1759,"ogDescription":1760,"noIndex":6,"ogImage":1761,"ogUrl":1762,"ogSiteName":918,"ogType":919,"canonicalUrls":1762,"schema":1763},"Prevent secret leaks in source code with GitLab Secret Push Protection","Learn how Secret Push Protection, now generally available, adds to a defense-in-depth detection strategy and decreases the resources needed to remediate secret leaks.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097761/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%286%29_6vL96ttKF8zJLLqfPpvFs_1750097761137.png","https://about.gitlab.com/blog/prevent-secret-leaks-in-source-code-with-gitlab-secret-push-protection","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Prevent secret leaks in source code with GitLab Secret Push Protection\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Amar Patel\"},{\"@type\":\"Person\",\"name\":\"Sara Meadzinger\"}],\n \"datePublished\": \"2024-06-24\",\n }",{"title":1759,"description":1760,"authors":1765,"heroImage":1761,"date":1768,"category":14,"tags":1769,"updatedDate":1770},[1766,1767],"Amar Patel","Sara Meadzinger","2024-06-24",[14,763,780,542,726],"2024-10-17",{"slug":1772,"featured":6,"template":728},"prevent-secret-leaks-in-source-code-with-gitlab-secret-push-protection","content:en-us:blog:prevent-secret-leaks-in-source-code-with-gitlab-secret-push-protection.yml","Prevent Secret Leaks In Source Code With Gitlab Secret Push Protection","en-us/blog/prevent-secret-leaks-in-source-code-with-gitlab-secret-push-protection.yml","en-us/blog/prevent-secret-leaks-in-source-code-with-gitlab-secret-push-protection",{"_path":1778,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1779,"content":1785,"config":1790,"_id":1792,"_type":16,"title":1793,"_source":17,"_file":1794,"_stem":1795,"_extension":20},"/en-us/blog/secure-by-design-principles-meet-devsecops-innovation-in-gitlab-17",{"title":1780,"description":1781,"ogTitle":1780,"ogDescription":1781,"noIndex":6,"ogImage":1782,"ogUrl":1783,"ogSiteName":918,"ogType":919,"canonicalUrls":1783,"schema":1784},"Secure by Design principles meet DevSecOps innovation in GitLab 17","GitLab reinforced a commitment to Secure by Design principles across key aspects of the software development lifecycle in latest release, further protecting the software supply chain.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749676004/Blog/Hero%20Images/blog-image-template-1800x945__6_.png","https://about.gitlab.com/blog/secure-by-design-principles-meet-devsecops-innovation-in-gitlab-17","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Secure by Design principles meet DevSecOps innovation in GitLab 17\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Elisabeth Burrows\"}],\n \"datePublished\": \"2024-06-05\",\n }",{"title":1780,"description":1781,"authors":1786,"heroImage":1782,"date":1788,"category":14,"tags":1789},[1787],"Elisabeth Burrows","2024-06-05",[185,14,542,573],{"slug":1791,"featured":92,"template":728},"secure-by-design-principles-meet-devsecops-innovation-in-gitlab-17","content:en-us:blog:secure-by-design-principles-meet-devsecops-innovation-in-gitlab-17.yml","Secure By Design Principles Meet Devsecops Innovation In Gitlab 17","en-us/blog/secure-by-design-principles-meet-devsecops-innovation-in-gitlab-17.yml","en-us/blog/secure-by-design-principles-meet-devsecops-innovation-in-gitlab-17",{"_path":1797,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1798,"content":1803,"config":1808,"_id":1810,"_type":16,"title":1811,"_source":17,"_file":1812,"_stem":1813,"_extension":20},"/en-us/blog/3-tips-to-improve-your-security-risk-management-program",{"title":1799,"description":1800,"ogTitle":1799,"ogDescription":1800,"noIndex":6,"ogImage":1516,"ogUrl":1801,"ogSiteName":918,"ogType":919,"canonicalUrls":1801,"schema":1802},"3 tips to improve your security risk management program","Establishing a security risk management program is more than just checking the compliance box. Here are a few ways to help better protect information and support strategic decision-making.","https://about.gitlab.com/blog/3-tips-to-improve-your-security-risk-management-program","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"3 tips to improve your security risk management program\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Kyle Smith\"}],\n \"datePublished\": \"2024-05-28\",\n }",{"title":1799,"description":1800,"authors":1804,"heroImage":1516,"date":1806,"category":14,"tags":1807},[1805],"Kyle Smith","2024-05-28",[14,573],{"slug":1809,"featured":92,"template":728},"3-tips-to-improve-your-security-risk-management-program","content:en-us:blog:3-tips-to-improve-your-security-risk-management-program.yml","3 Tips To Improve Your Security Risk Management Program","en-us/blog/3-tips-to-improve-your-security-risk-management-program.yml","en-us/blog/3-tips-to-improve-your-security-risk-management-program",{"_path":1815,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1816,"content":1822,"config":1827,"_id":1829,"_type":16,"title":1830,"_source":17,"_file":1831,"_stem":1832,"_extension":20},"/en-us/blog/7-steps-to-enhance-application-security-without-slowing-developer-velocity",{"title":1817,"description":1818,"ogTitle":1817,"ogDescription":1818,"noIndex":6,"ogImage":1819,"ogUrl":1820,"ogSiteName":918,"ogType":919,"canonicalUrls":1820,"schema":1821},"7 steps to enhance application security without slowing developer velocity","Learn how to incrementally enable scanning to successfully shift-left security while keeping development at pace.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750099154/Blog/Hero%20Images/Blog/Hero%20Images/applicationsecurity_applicationsecurity.png_1750099154308.png","https://about.gitlab.com/blog/7-steps-to-enhance-application-security-without-slowing-developer-velocity","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"7 steps to enhance application security without slowing developer velocity\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Julie Byrne\"}],\n \"datePublished\": \"2024-05-21\",\n }",{"title":1817,"description":1818,"authors":1823,"heroImage":1819,"date":1825,"category":14,"tags":1826},[1824],"Julie Byrne","2024-05-21",[14,573],{"slug":1828,"featured":92,"template":728},"7-steps-to-enhance-application-security-without-slowing-developer-velocity","content:en-us:blog:7-steps-to-enhance-application-security-without-slowing-developer-velocity.yml","7 Steps To Enhance Application Security Without Slowing Developer Velocity","en-us/blog/7-steps-to-enhance-application-security-without-slowing-developer-velocity.yml","en-us/blog/7-steps-to-enhance-application-security-without-slowing-developer-velocity",{"_path":1834,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1835,"content":1840,"config":1846,"_id":1848,"_type":16,"title":1849,"_source":17,"_file":1850,"_stem":1851,"_extension":20},"/en-us/blog/gitlab-native-secrets-manager-to-give-software-supply-chain-security-a-boost",{"title":1836,"description":1837,"ogTitle":1836,"ogDescription":1837,"noIndex":6,"ogImage":1534,"ogUrl":1838,"ogSiteName":918,"ogType":919,"canonicalUrls":1838,"schema":1839},"GitLab native secrets manager boosts supply chain security","GitLab is building a secrets manager that is key to providing an end-to-end, cloud-agnostic approach to the management of sensitive information.","https://about.gitlab.com/blog/gitlab-native-secrets-manager-to-give-software-supply-chain-security-a-boost","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab native secrets manager to give software supply chain security a boost\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Jocelyn Eillis\"}],\n \"datePublished\": \"2024-05-20\",\n }",{"title":1841,"description":1837,"authors":1842,"heroImage":1534,"date":1844,"category":14,"tags":1845},"GitLab native secrets manager to give software supply chain security a boost",[1843],"Jocelyn Eillis","2024-05-20",[14,780,542],{"slug":1847,"featured":6,"template":728},"gitlab-native-secrets-manager-to-give-software-supply-chain-security-a-boost","content:en-us:blog:gitlab-native-secrets-manager-to-give-software-supply-chain-security-a-boost.yml","Gitlab Native Secrets Manager To Give Software Supply Chain Security A Boost","en-us/blog/gitlab-native-secrets-manager-to-give-software-supply-chain-security-a-boost.yml","en-us/blog/gitlab-native-secrets-manager-to-give-software-supply-chain-security-a-boost",{"_path":1853,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1854,"content":1860,"config":1864,"_id":1866,"_type":16,"title":1867,"_source":17,"_file":1868,"_stem":1869,"_extension":20},"/en-us/blog/detect-application-vulnerabilities-with-gitlabs-browser-based-dast",{"title":1855,"description":1856,"ogTitle":1855,"ogDescription":1856,"noIndex":6,"ogImage":1857,"ogUrl":1858,"ogSiteName":918,"ogType":919,"canonicalUrls":1858,"schema":1859},"Detect application vulnerabilities with GitLab’s browser-based DAST","Learn why you should include dynamic application security testing as part of a defense-in-depth strategy for software development, and how to migrate from proxy-based DAST.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664923/Blog/Hero%20Images/security-checklist.png","https://about.gitlab.com/blog/detect-application-vulnerabilities-with-gitlabs-browser-based-dast","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Detect application vulnerabilities with GitLab’s browser-based DAST\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sara Meadzinger\"}],\n \"datePublished\": \"2024-05-13\",\n }",{"title":1855,"description":1856,"authors":1861,"heroImage":1857,"date":1862,"category":14,"tags":1863},[1767],"2024-05-13",[14,764,780,726],{"slug":1865,"featured":92,"template":728},"detect-application-vulnerabilities-with-gitlabs-browser-based-dast","content:en-us:blog:detect-application-vulnerabilities-with-gitlabs-browser-based-dast.yml","Detect Application Vulnerabilities With Gitlabs Browser Based Dast","en-us/blog/detect-application-vulnerabilities-with-gitlabs-browser-based-dast.yml","en-us/blog/detect-application-vulnerabilities-with-gitlabs-browser-based-dast",{"_path":1871,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1872,"content":1877,"config":1882,"_id":1884,"_type":16,"title":1885,"_source":17,"_file":1886,"_stem":1887,"_extension":20},"/en-us/blog/migration-guide-github-advanced-security-to-gitlab-ultimate",{"title":1873,"description":1874,"ogTitle":1873,"ogDescription":1874,"noIndex":6,"ogImage":958,"ogUrl":1875,"ogSiteName":918,"ogType":919,"canonicalUrls":1875,"schema":1876},"Migration guide: GitHub Advanced Security to GitLab Ultimate","Understand the similarities and differences between GitLab Ultimate and GitHub Advanced Security. Then follow this in-depth tutorial to make the move to the GitLab DevSecOps platform.","https://about.gitlab.com/blog/migration-guide-github-advanced-security-to-gitlab-ultimate","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Migration guide: GitHub Advanced Security to GitLab Ultimate\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2024-05-01\",\n }",{"title":1873,"description":1874,"authors":1878,"heroImage":958,"date":1879,"category":14,"tags":1880},[759],"2024-05-01",[763,1881,14,542,764],"zero trust",{"slug":1883,"featured":92,"template":728},"migration-guide-github-advanced-security-to-gitlab-ultimate","content:en-us:blog:migration-guide-github-advanced-security-to-gitlab-ultimate.yml","Migration Guide Github Advanced Security To Gitlab Ultimate","en-us/blog/migration-guide-github-advanced-security-to-gitlab-ultimate.yml","en-us/blog/migration-guide-github-advanced-security-to-gitlab-ultimate",{"_path":1889,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1890,"content":1895,"config":1900,"_id":1902,"_type":16,"title":1903,"_source":17,"_file":1904,"_stem":1905,"_extension":20},"/en-us/blog/happy-birthday-secure-by-design",{"title":1891,"description":1892,"ogTitle":1891,"ogDescription":1892,"noIndex":6,"ogImage":1534,"ogUrl":1893,"ogSiteName":918,"ogType":919,"canonicalUrls":1893,"schema":1894},"Happy birthday, Secure by Design!","The U.S. government's initiative to ensure greater security in software products turns one. Find out what GitLab has done to align with this critical effort.","https://about.gitlab.com/blog/happy-birthday-secure-by-design","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Happy birthday, Secure by Design!\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joel Krooswyk\"}],\n \"datePublished\": \"2024-04-30\",\n }",{"title":1891,"description":1892,"authors":1896,"heroImage":1534,"date":1898,"category":14,"tags":1899},[1897],"Joel Krooswyk","2024-04-30",[14,542,573,1881,185],{"slug":1901,"featured":92,"template":728},"happy-birthday-secure-by-design","content:en-us:blog:happy-birthday-secure-by-design.yml","Happy Birthday Secure By Design","en-us/blog/happy-birthday-secure-by-design.yml","en-us/blog/happy-birthday-secure-by-design",{"_path":1907,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1908,"content":1913,"config":1918,"_id":1920,"_type":16,"title":1921,"_source":17,"_file":1922,"_stem":1923,"_extension":20},"/en-us/blog/gitlab-introduces-new-cis-benchmark-for-improved-security",{"title":1909,"description":1910,"ogTitle":1909,"ogDescription":1910,"noIndex":6,"ogImage":1857,"ogUrl":1911,"ogSiteName":918,"ogType":919,"canonicalUrls":1911,"schema":1912},"GitLab introduces new CIS Benchmark for improved security","Learn why CIS Benchmarks matter, how the CIS GitLab Benchmark was created, and how to use it to properly secure your GitLab installation.","https://about.gitlab.com/blog/gitlab-introduces-new-cis-benchmark-for-improved-security","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab introduces new CIS Benchmark for improved security\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sara Meadzinger\"},{\"@type\":\"Person\",\"name\":\"Ayoub Fandi\"}],\n \"datePublished\": \"2024-04-17\",\n }",{"title":1909,"description":1910,"authors":1914,"heroImage":1857,"date":1916,"category":14,"tags":1917},[1767,1915],"Ayoub Fandi","2024-04-17",[14],{"slug":1919,"featured":6,"template":728},"gitlab-introduces-new-cis-benchmark-for-improved-security","content:en-us:blog:gitlab-introduces-new-cis-benchmark-for-improved-security.yml","Gitlab Introduces New Cis Benchmark For Improved Security","en-us/blog/gitlab-introduces-new-cis-benchmark-for-improved-security.yml","en-us/blog/gitlab-introduces-new-cis-benchmark-for-improved-security",{"_path":1925,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1926,"content":1932,"config":1937,"_id":1939,"_type":16,"title":1940,"_source":17,"_file":1941,"_stem":1942,"_extension":20},"/en-us/blog/integrate-external-security-scanners-into-your-devsecops-workflow",{"title":1927,"description":1928,"ogTitle":1927,"ogDescription":1928,"noIndex":6,"ogImage":1929,"ogUrl":1930,"ogSiteName":918,"ogType":919,"canonicalUrls":1930,"schema":1931},"Integrate external security scanners into your DevSecOps workflow","Learn how to bring Snyk scan results into the merge request widget by parsing JSON artifacts and leveraging the SARIF file format.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098768/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%282%29_1khno1AUtxuL6zzmEmjK7v_1750098768560.png","https://about.gitlab.com/blog/integrate-external-security-scanners-into-your-devsecops-workflow","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Integrate external security scanners into your DevSecOps workflow\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sam Morris\"}],\n \"datePublished\": \"2024-04-08\",\n }",{"title":1927,"description":1928,"authors":1933,"heroImage":1929,"date":1935,"category":14,"tags":1936},[1934],"Sam Morris","2024-04-08",[14,763,764],{"slug":1938,"featured":6,"template":728},"integrate-external-security-scanners-into-your-devsecops-workflow","content:en-us:blog:integrate-external-security-scanners-into-your-devsecops-workflow.yml","Integrate External Security Scanners Into Your Devsecops Workflow","en-us/blog/integrate-external-security-scanners-into-your-devsecops-workflow.yml","en-us/blog/integrate-external-security-scanners-into-your-devsecops-workflow",{"_path":1944,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1945,"content":1950,"config":1955,"_id":1957,"_type":16,"title":1958,"_source":17,"_file":1959,"_stem":1960,"_extension":20},"/en-us/blog/important-information-regarding-xz-utils-cve-2024-3094",{"title":1946,"description":1947,"ogTitle":1946,"ogDescription":1947,"noIndex":6,"ogImage":898,"ogUrl":1948,"ogSiteName":918,"ogType":919,"canonicalUrls":1948,"schema":1949},"Important information regarding xz-utils (CVE-2024-3094)","Affected software not used for GitLab.com, GitLab Dedicated, or default self-hosted software packages.","https://about.gitlab.com/blog/important-information-regarding-xz-utils-cve-2024-3094","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Important information regarding xz-utils (CVE-2024-3094)\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Shrishti Choudhary\"}],\n \"datePublished\": \"2024-03-30\",\n }",{"title":1946,"description":1947,"authors":1951,"heroImage":898,"date":1953,"category":14,"tags":1954},[1952],"Shrishti Choudhary","2024-03-30",[14,946],{"slug":1956,"featured":92,"template":728},"important-information-regarding-xz-utils-cve-2024-3094","content:en-us:blog:important-information-regarding-xz-utils-cve-2024-3094.yml","Important Information Regarding Xz Utils Cve 2024 3094","en-us/blog/important-information-regarding-xz-utils-cve-2024-3094.yml","en-us/blog/important-information-regarding-xz-utils-cve-2024-3094",{"_path":1962,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1963,"content":1968,"config":1972,"_id":1974,"_type":16,"title":1975,"_source":17,"_file":1976,"_stem":1977,"_extension":20},"/en-us/blog/coming-soon-gitlab-dependency-firewall",{"title":1964,"description":1965,"ogTitle":1964,"ogDescription":1965,"noIndex":6,"ogImage":1516,"ogUrl":1966,"ogSiteName":918,"ogType":919,"canonicalUrls":1966,"schema":1967},"Coming soon: GitLab dependency firewall","Learn how this new feature will help organizations avoid supply chain software attacks by warning them or blocking the download based on a project's policy.","https://about.gitlab.com/blog/coming-soon-gitlab-dependency-firewall","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Coming soon: GitLab dependency firewall\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Tim Rizzi\"}],\n \"datePublished\": \"2024-03-26\",\n }",{"title":1964,"description":1965,"authors":1969,"heroImage":1516,"date":1970,"category":14,"tags":1971},[963],"2024-03-26",[14,946,780,110],{"slug":1973,"featured":6,"template":728},"coming-soon-gitlab-dependency-firewall","content:en-us:blog:coming-soon-gitlab-dependency-firewall.yml","Coming Soon Gitlab Dependency Firewall","en-us/blog/coming-soon-gitlab-dependency-firewall.yml","en-us/blog/coming-soon-gitlab-dependency-firewall",{"_path":1979,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1980,"content":1985,"config":1991,"_id":1993,"_type":16,"title":1994,"_source":17,"_file":1995,"_stem":1996,"_extension":20},"/en-us/blog/were-combining-patch-and-security-releases",{"title":1981,"description":1982,"ogTitle":1981,"ogDescription":1982,"noIndex":6,"ogImage":898,"ogUrl":1983,"ogSiteName":918,"ogType":919,"canonicalUrls":1983,"schema":1984},"We’re combining patch and security releases","This improvement in our release process matches the industry standard and will help GitLab users get information about security and bug fixes sooner.","https://about.gitlab.com/blog/were-combining-patch-and-security-releases","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"We’re combining patch and security releases\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sam Wiskow\"}],\n \"datePublished\": \"2024-03-26\",\n }",{"title":1981,"description":1982,"authors":1986,"heroImage":898,"date":1970,"category":14,"tags":1988},[1987],"Sam Wiskow",[1989,14,946,1990],"security releases","patch releases",{"slug":1992,"featured":6,"template":728},"were-combining-patch-and-security-releases","content:en-us:blog:were-combining-patch-and-security-releases.yml","Were Combining Patch And Security Releases","en-us/blog/were-combining-patch-and-security-releases.yml","en-us/blog/were-combining-patch-and-security-releases",{"_path":1998,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":1999,"content":2005,"config":2011,"_id":2013,"_type":16,"title":2014,"_source":17,"_file":2015,"_stem":2016,"_extension":20},"/en-us/blog/simplify-your-cloud-account-management-for-kubernetes-access",{"title":2000,"description":2001,"ogTitle":2000,"ogDescription":2001,"noIndex":6,"ogImage":2002,"ogUrl":2003,"ogSiteName":918,"ogType":919,"canonicalUrls":2003,"schema":2004},"Simplify your cloud account management for Kubernetes access","In this tutorial, learn how to use the GitLab agent for Kubernetes and its user impersonation features for secure cluster access.\n\n","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670563/Blog/Hero%20Images/cloudcomputing.jpg","https://about.gitlab.com/blog/simplify-your-cloud-account-management-for-kubernetes-access","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Simplify your cloud account management for Kubernetes access\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Viktor Nagy\"}],\n \"datePublished\": \"2024-03-19\",\n }",{"title":2000,"description":2001,"authors":2006,"heroImage":2002,"date":2008,"category":14,"tags":2009},[2007],"Viktor Nagy","2024-03-19",[581,14,2010,763],"kubernetes",{"slug":2012,"featured":92,"template":728},"simplify-your-cloud-account-management-for-kubernetes-access","content:en-us:blog:simplify-your-cloud-account-management-for-kubernetes-access.yml","Simplify Your Cloud Account Management For Kubernetes Access","en-us/blog/simplify-your-cloud-account-management-for-kubernetes-access.yml","en-us/blog/simplify-your-cloud-account-management-for-kubernetes-access",{"_path":2018,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2019,"content":2025,"config":2029,"_id":2031,"_type":16,"title":2032,"_source":17,"_file":2033,"_stem":2034,"_extension":20},"/en-us/blog/the-ultimate-guide-to-least-privilege-access-with-gitlab",{"title":2020,"description":2021,"ogTitle":2020,"ogDescription":2021,"noIndex":6,"ogImage":2022,"ogUrl":2023,"ogSiteName":918,"ogType":919,"canonicalUrls":2023,"schema":2024},"The ultimate guide to least privilege access with GitLab","This tutorial demonstrates how to achieve least privilege access using custom roles, security policies, compliance pipelines, branch protections, and more.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750099438/Blog/Hero%20Images/Blog/Hero%20Images/built-in-security_built-in-security.jpeg_1750099438377.jpg","https://about.gitlab.com/blog/the-ultimate-guide-to-least-privilege-access-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The ultimate guide to least privilege access with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2024-03-06\",\n }",{"title":2020,"description":2021,"authors":2026,"heroImage":2022,"date":2027,"category":14,"tags":2028},[759],"2024-03-06",[1881,763,14,780],{"slug":2030,"featured":92,"template":728},"the-ultimate-guide-to-least-privilege-access-with-gitlab","content:en-us:blog:the-ultimate-guide-to-least-privilege-access-with-gitlab.yml","The Ultimate Guide To Least Privilege Access With Gitlab","en-us/blog/the-ultimate-guide-to-least-privilege-access-with-gitlab.yml","en-us/blog/the-ultimate-guide-to-least-privilege-access-with-gitlab",{"_path":2036,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2037,"content":2043,"config":2048,"_id":2050,"_type":16,"title":2051,"_source":17,"_file":2052,"_stem":2053,"_extension":20},"/en-us/blog/how-to-detecting-secrets-in-video",{"title":2038,"description":2039,"ogTitle":2038,"ogDescription":2039,"noIndex":6,"ogImage":2040,"ogUrl":2041,"ogSiteName":918,"ogType":919,"canonicalUrls":2041,"schema":2042},"How-to: Detecting secrets in video content ","GitLab’s Security team identifies and mitigates security risks in video content by searching for API keys or other sensitive tokens. Here's how we do it (with an assist from AI) and how you can, too.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750099421/Blog/Hero%20Images/Blog/Hero%20Images/security-checklist_security-checklist.png_1750099421443.png","https://about.gitlab.com/blog/how-to-detecting-secrets-in-video-content","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How-to: Detecting secrets in video content \",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Dennis Appelt\"}],\n \"datePublished\": \"2024-02-29\",\n }",{"title":2038,"description":2039,"authors":2044,"heroImage":2040,"date":2046,"category":14,"tags":2047},[2045],"Dennis Appelt","2024-02-29",[763,1096,14],{"slug":2049,"featured":92,"template":728},"how-to-detecting-secrets-in-video","content:en-us:blog:how-to-detecting-secrets-in-video.yml","How To Detecting Secrets In Video","en-us/blog/how-to-detecting-secrets-in-video.yml","en-us/blog/how-to-detecting-secrets-in-video",{"_path":2055,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2056,"content":2062,"config":2066,"_id":2068,"_type":16,"title":2069,"_source":17,"_file":2070,"_stem":2071,"_extension":20},"/en-us/blog/how-to-integrate-custom-security-scanners-into-gitlab",{"title":2057,"description":2058,"ogTitle":2057,"ogDescription":2058,"noIndex":6,"ogImage":2059,"ogUrl":2060,"ogSiteName":918,"ogType":919,"canonicalUrls":2060,"schema":2061},"How to integrate custom security scanners into GitLab","Learn how to extend the DevSecOps platform by adding custom security scanners to your workflows (includes an easy-to-follow tutorial).","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750097082/Blog/Hero%20Images/Blog/Hero%20Images/securitycheck_securitycheck.png_1750097081856.png","https://about.gitlab.com/blog/how-to-integrate-custom-security-scanners-into-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to integrate custom security scanners into GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2024-02-27\",\n }",{"title":2057,"description":2058,"authors":2063,"heroImage":2059,"date":2064,"category":14,"tags":2065},[759],"2024-02-27",[763,14,764,542],{"slug":2067,"featured":92,"template":728},"how-to-integrate-custom-security-scanners-into-gitlab","content:en-us:blog:how-to-integrate-custom-security-scanners-into-gitlab.yml","How To Integrate Custom Security Scanners Into Gitlab","en-us/blog/how-to-integrate-custom-security-scanners-into-gitlab.yml","en-us/blog/how-to-integrate-custom-security-scanners-into-gitlab",{"_path":2073,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2074,"content":2080,"config":2088,"_id":2090,"_type":16,"title":2091,"_source":17,"_file":2092,"_stem":2093,"_extension":20},"/en-us/blog/gitlab-drives-automotive-industry-information-security-with-tisax",{"title":2075,"description":2076,"ogTitle":2075,"ogDescription":2076,"noIndex":6,"ogImage":2077,"ogUrl":2078,"ogSiteName":918,"ogType":919,"canonicalUrls":2078,"schema":2079},"GitLab secures automotive industry with TISAX certification","Learn why we pursued this certification and how it will help GitLab customers in the automotive industry.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659703/Blog/Hero%20Images/AdobeStock_577940357.jpg","https://about.gitlab.com/blog/gitlab-drives-automotive-industry-information-security-with-tisax","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab drives automotive industry information security with TISAX certification\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Liz Coleman\"}],\n \"datePublished\": \"2024-01-30\",\n }",{"title":2081,"description":2076,"authors":2082,"heroImage":2077,"date":2084,"category":14,"tags":2085},"GitLab drives automotive industry information security with TISAX certification",[2083],"Liz Coleman","2024-01-30",[14,946,2086,2087],"customers","embedded DevOps",{"slug":2089,"featured":6,"template":728},"gitlab-drives-automotive-industry-information-security-with-tisax","content:en-us:blog:gitlab-drives-automotive-industry-information-security-with-tisax.yml","Gitlab Drives Automotive Industry Information Security With Tisax","en-us/blog/gitlab-drives-automotive-industry-information-security-with-tisax.yml","en-us/blog/gitlab-drives-automotive-industry-information-security-with-tisax",{"_path":2095,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2096,"content":2102,"config":2106,"_id":2108,"_type":16,"title":2109,"_source":17,"_file":2110,"_stem":2111,"_extension":20},"/en-us/blog/gitlab-trust-center-welcome-to-self-service-customer-assurance",{"title":2097,"description":2098,"ogTitle":2097,"ogDescription":2098,"noIndex":6,"ogImage":2099,"ogUrl":2100,"ogSiteName":918,"ogType":919,"canonicalUrls":2100,"schema":2101},"GitLab Trust Center: Welcome to self-service customer assurance","The single, unified trust center provides access to security and privacy collateral, streamlined questionnaire submissions, an interactive knowledge base, and GitLab updates.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750099558/Blog/Hero%20Images/Blog/Hero%20Images/gitlabflatlogomap_gitlabflatlogomap.png_1750099558369.png","https://about.gitlab.com/blog/gitlab-trust-center-welcome-to-self-service-customer-assurance","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab Trust Center: Welcome to self-service customer assurance\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joseph Longo\"}],\n \"datePublished\": \"2024-01-09\",\n }",{"title":2097,"description":2098,"authors":2103,"heroImage":2099,"date":2104,"category":14,"tags":2105},[923],"2024-01-09",[542,2086,14],{"slug":2107,"featured":92,"template":728},"gitlab-trust-center-welcome-to-self-service-customer-assurance","content:en-us:blog:gitlab-trust-center-welcome-to-self-service-customer-assurance.yml","Gitlab Trust Center Welcome To Self Service Customer Assurance","en-us/blog/gitlab-trust-center-welcome-to-self-service-customer-assurance.yml","en-us/blog/gitlab-trust-center-welcome-to-self-service-customer-assurance",{"_path":2113,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2114,"content":2119,"config":2123,"_id":2125,"_type":16,"title":2126,"_source":17,"_file":2127,"_stem":2128,"_extension":20},"/en-us/blog/the-2023-bug-bounty-year-in-review",{"title":2115,"description":2116,"ogTitle":2115,"ogDescription":2116,"noIndex":6,"ogImage":898,"ogUrl":2117,"ogSiteName":918,"ogType":919,"canonicalUrls":2117,"schema":2118},"The 2023 bug bounty year in review","GitLab's bug bounty program had an incredible year. Learn more about the prizes awarded and the bug reporters who won them.","https://about.gitlab.com/blog/the-2023-bug-bounty-year-in-review","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The 2023 bug bounty year in review\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Ottilia Westerlund\"}],\n \"datePublished\": \"2024-01-04\",\n }",{"title":2115,"description":2116,"authors":2120,"heroImage":898,"date":2121,"category":14,"tags":2122},[1443],"2024-01-04",[1041,14],{"slug":2124,"featured":6,"template":728},"the-2023-bug-bounty-year-in-review","content:en-us:blog:the-2023-bug-bounty-year-in-review.yml","The 2023 Bug Bounty Year In Review","en-us/blog/the-2023-bug-bounty-year-in-review.yml","en-us/blog/the-2023-bug-bounty-year-in-review",{"_path":2130,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2131,"content":2136,"config":2141,"_id":2143,"_type":16,"title":2144,"_source":17,"_file":2145,"_stem":2146,"_extension":20},"/en-us/blog/how-gitlabs-red-team-automates-c2-testing",{"title":2132,"description":2133,"ogTitle":2132,"ogDescription":2133,"noIndex":6,"ogImage":1516,"ogUrl":2134,"ogSiteName":918,"ogType":919,"canonicalUrls":2134,"schema":2135},"How GitLab's Red Team automates C2 testing ","Learn how to apply professional development practices to Red Teams using open source command and control tools.","https://about.gitlab.com/blog/how-gitlabs-red-team-automates-c2-testing","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab's Red Team automates C2 testing \",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Josh Feehs\"}],\n \"datePublished\": \"2023-11-28\",\n }",{"title":2132,"description":2133,"authors":2137,"heroImage":1516,"date":2139,"category":14,"tags":2140},[2138],"Josh Feehs","2023-11-28",[14,764,232,763],{"slug":2142,"featured":92,"template":728},"how-gitlabs-red-team-automates-c2-testing","content:en-us:blog:how-gitlabs-red-team-automates-c2-testing.yml","How Gitlabs Red Team Automates C2 Testing","en-us/blog/how-gitlabs-red-team-automates-c2-testing.yml","en-us/blog/how-gitlabs-red-team-automates-c2-testing",{"_path":2148,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2149,"content":2154,"config":2158,"_id":2160,"_type":16,"title":2161,"_source":17,"_file":2162,"_stem":2163,"_extension":20},"/en-us/blog/stealth-operations-the-evolution-of-gitlabs-red-team",{"title":2150,"description":2151,"ogTitle":2150,"ogDescription":2151,"noIndex":6,"ogImage":898,"ogUrl":2152,"ogSiteName":918,"ogType":919,"canonicalUrls":2152,"schema":2153},"Stealth operations: The evolution of GitLab's Red Team","We discuss how GitLab's Red Team has matured over the years, evolving from opportunistic hacking to stealth adversary emulation.","https://about.gitlab.com/blog/stealth-operations-the-evolution-of-gitlabs-red-team","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Stealth operations: The evolution of GitLab's Red Team\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Chris Moberly\"}],\n \"datePublished\": \"2023-11-20\",\n }",{"title":2150,"description":2151,"authors":2155,"heroImage":898,"date":2156,"category":14,"tags":2157},[1131],"2023-11-20",[14,839],{"slug":2159,"featured":92,"template":728},"stealth-operations-the-evolution-of-gitlabs-red-team","content:en-us:blog:stealth-operations-the-evolution-of-gitlabs-red-team.yml","Stealth Operations The Evolution Of Gitlabs Red Team","en-us/blog/stealth-operations-the-evolution-of-gitlabs-red-team.yml","en-us/blog/stealth-operations-the-evolution-of-gitlabs-red-team",{"_path":2165,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2166,"content":2171,"config":2175,"_id":2177,"_type":16,"title":2178,"_source":17,"_file":2179,"_stem":2180,"_extension":20},"/en-us/blog/tips-to-configure-browser-based-dast-scans",{"title":2167,"description":2168,"ogTitle":2167,"ogDescription":2168,"noIndex":6,"ogImage":898,"ogUrl":2169,"ogSiteName":918,"ogType":919,"canonicalUrls":2169,"schema":2170},"Tips to configure browser-based DAST scans","Learn how to use the browser-based analyzer with common dynamic application security testing settings, based on web application attributes, to ensure successful scans.","https://about.gitlab.com/blog/tips-to-configure-browser-based-dast-scans","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Tips to configure browser-based DAST scans\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Julie Byrne\"},{\"@type\":\"Person\",\"name\":\"Jerez Solis\"}],\n \"datePublished\": \"2023-11-14\",\n }",{"title":2167,"description":2168,"authors":2172,"heroImage":898,"date":2173,"category":14,"tags":2174},[1824,1188],"2023-11-14",[14,764,764,763],{"slug":2176,"featured":6,"template":728},"tips-to-configure-browser-based-dast-scans","content:en-us:blog:tips-to-configure-browser-based-dast-scans.yml","Tips To Configure Browser Based Dast Scans","en-us/blog/tips-to-configure-browser-based-dast-scans.yml","en-us/blog/tips-to-configure-browser-based-dast-scans",{"_path":2182,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2183,"content":2189,"config":2194,"_id":2196,"_type":16,"title":2197,"_source":17,"_file":2198,"_stem":2199,"_extension":20},"/en-us/blog/gitlab-response-to-cve-2023-38545",{"title":2184,"description":2185,"ogTitle":2184,"ogDescription":2185,"noIndex":6,"ogImage":2186,"ogUrl":2187,"ogSiteName":918,"ogType":919,"canonicalUrls":2187,"schema":2188},"GitLab's response to curl and libcurl security vulnerability","Learn about CVE-2023-38545, which leverages a heap buffer overflow through the SOCKS5 protocol, and what it means for GitLab customers.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749672878/Blog/Hero%20Images/securityscreen.jpg","https://about.gitlab.com/blog/gitlab-response-to-cve-2023-38545","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab’s response to a high severity vulnerability impacting curl and libcurl\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joseph Longo\"}],\n \"datePublished\": \"2023-10-12\",\n }",{"title":2190,"description":2185,"authors":2191,"heroImage":2186,"date":2192,"category":14,"tags":2193},"GitLab’s response to a high severity vulnerability impacting curl and libcurl",[923],"2023-10-12",[14,946],{"slug":2195,"featured":6,"template":728},"gitlab-response-to-cve-2023-38545","content:en-us:blog:gitlab-response-to-cve-2023-38545.yml","Gitlab Response To Cve 2023 38545","en-us/blog/gitlab-response-to-cve-2023-38545.yml","en-us/blog/gitlab-response-to-cve-2023-38545",{"_path":2201,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2202,"content":2207,"config":2212,"_id":2214,"_type":16,"title":2215,"_source":17,"_file":2216,"_stem":2217,"_extension":20},"/en-us/blog/dast-release-first-gitlab-active-check",{"title":2203,"description":2204,"ogTitle":2203,"ogDescription":2204,"noIndex":6,"ogImage":1238,"ogUrl":2205,"ogSiteName":918,"ogType":919,"canonicalUrls":2205,"schema":2206},"Introducing GitLab browser-based active checks in DAST","As of GitLab 16.4, or DAST 4.0.9, browser-based DAST active scans will search for path traversal vulnerabilities using the GitLab check 22.1 instead of the ZAP alert 6.","https://about.gitlab.com/blog/dast-release-first-gitlab-active-check","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing GitLab browser-based active checks in DAST\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Cameron Swords\"}],\n \"datePublished\": \"2023-10-10\",\n }",{"title":2203,"description":2204,"authors":2208,"heroImage":1238,"date":2210,"category":14,"tags":2211},[2209],"Cameron Swords","2023-10-10",[573,726,764,780,14],{"slug":2213,"featured":6,"template":728},"dast-release-first-gitlab-active-check","content:en-us:blog:dast-release-first-gitlab-active-check.yml","Dast Release First Gitlab Active Check","en-us/blog/dast-release-first-gitlab-active-check.yml","en-us/blog/dast-release-first-gitlab-active-check",{"_path":2219,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2220,"content":2226,"config":2230,"_id":2232,"_type":16,"title":2233,"_source":17,"_file":2234,"_stem":2235,"_extension":20},"/en-us/blog/ask-a-hacker",{"title":2221,"description":2222,"ogTitle":2221,"ogDescription":2222,"noIndex":6,"ogImage":2223,"ogUrl":2224,"ogSiteName":918,"ogType":919,"canonicalUrls":2224,"schema":2225},"Ask a hacker - 0xn3va","Vladislav Nechakhin or @0xn3va, one of our top 10 hacker contributors, joined us for an AMA and details his approach and strategy for bug bounty hunting.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749683087/Blog/Hero%20Images/cover-fotis-fotopoulos.png","https://about.gitlab.com/blog/ask-a-hacker","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Ask a hacker - 0xn3va\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Ottilia Westerlund\"}],\n \"datePublished\": \"2023-10-02\",\n }",{"title":2221,"description":2222,"authors":2227,"heroImage":2223,"date":2228,"category":14,"tags":2229},[1443],"2023-10-02",[14,1041],{"slug":2231,"featured":6,"template":728},"ask-a-hacker","content:en-us:blog:ask-a-hacker.yml","Ask A Hacker","en-us/blog/ask-a-hacker.yml","en-us/blog/ask-a-hacker",{"_path":2237,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2238,"content":2243,"config":2248,"_id":2250,"_type":16,"title":2251,"_source":17,"_file":2252,"_stem":2253,"_extension":20},"/en-us/blog/unmasking-password-attacks-at-gitlab",{"title":2239,"description":2240,"ogTitle":2239,"ogDescription":2240,"noIndex":6,"ogImage":1857,"ogUrl":2241,"ogSiteName":918,"ogType":919,"canonicalUrls":2241,"schema":2242},"Unmasking password attacks at GitLab","Our security team has identified an increased volume of password attacks against GitLab.com on the OAuth API endpoint since September 22, 2023. Learn more.","https://about.gitlab.com/blog/unmasking-password-attacks-at-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Unmasking password attacks at GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"GitLab Security Team\"}],\n \"datePublished\": \"2023-09-28\",\n }",{"title":2239,"description":2240,"authors":2244,"heroImage":1857,"date":2246,"category":14,"tags":2247},[2245],"GitLab Security Team","2023-09-28",[14],{"slug":2249,"featured":6,"template":728},"unmasking-password-attacks-at-gitlab","content:en-us:blog:unmasking-password-attacks-at-gitlab.yml","Unmasking Password Attacks At Gitlab","en-us/blog/unmasking-password-attacks-at-gitlab.yml","en-us/blog/unmasking-password-attacks-at-gitlab",{"_path":2255,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2256,"content":2262,"config":2266,"_id":2268,"_type":16,"title":2269,"_source":17,"_file":2270,"_stem":2271,"_extension":20},"/en-us/blog/how-gitlab-supports-the-nsa-and-cisa-cicd-security-guidance",{"title":2257,"description":2258,"ogTitle":2257,"ogDescription":2258,"noIndex":6,"ogImage":2259,"ogUrl":2260,"ogSiteName":918,"ogType":919,"canonicalUrls":2260,"schema":2261},"How GitLab supports NSA and CISA CI/CD security guidance","GitLab can support your alignment with NSA and CISA CI/CD recommendations and best practices for cloud-based DevSecOps environments.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749683032/Blog/Hero%20Images/vaultimage.png","https://about.gitlab.com/blog/how-gitlab-supports-the-nsa-and-cisa-cicd-security-guidance","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab supports NSA and CISA CI/CD security guidance\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joseph Longo\"}],\n \"datePublished\": \"2023-09-19\",\n }",{"title":2257,"description":2258,"authors":2263,"heroImage":2259,"date":2264,"category":14,"tags":2265},[923],"2023-09-19",[14,780,2086,110],{"slug":2267,"featured":6,"template":728},"how-gitlab-supports-the-nsa-and-cisa-cicd-security-guidance","content:en-us:blog:how-gitlab-supports-the-nsa-and-cisa-cicd-security-guidance.yml","How Gitlab Supports The Nsa And Cisa Cicd Security Guidance","en-us/blog/how-gitlab-supports-the-nsa-and-cisa-cicd-security-guidance.yml","en-us/blog/how-gitlab-supports-the-nsa-and-cisa-cicd-security-guidance",{"_path":2273,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2274,"content":2280,"config":2285,"_id":2287,"_type":16,"title":2288,"_source":17,"_file":2289,"_stem":2290,"_extension":20},"/en-us/blog/the-ultimate-guide-to-enabling-saml",{"title":2275,"description":2276,"ogTitle":2275,"ogDescription":2276,"noIndex":6,"ogImage":2277,"ogUrl":2278,"ogSiteName":918,"ogType":919,"canonicalUrls":2278,"schema":2279},"The ultimate guide to enabling SAML and SSO on GitLab.com","Learn how to make full use of SAML and SSO security features on the GitLab DevSecOps platform.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749666495/Blog/Hero%20Images/cover-1800x945.png","https://about.gitlab.com/blog/the-ultimate-guide-to-enabling-saml","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The ultimate guide to enabling SAML and SSO on GitLab.com\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Bradley Lee\"}],\n \"datePublished\": \"2023-09-14\",\n }",{"title":2275,"description":2276,"authors":2281,"heroImage":2277,"date":2283,"category":14,"tags":2284},[2282],"Bradley Lee","2023-09-14",[14,763,542],{"slug":2286,"featured":6,"template":728},"the-ultimate-guide-to-enabling-saml","content:en-us:blog:the-ultimate-guide-to-enabling-saml.yml","The Ultimate Guide To Enabling Saml","en-us/blog/the-ultimate-guide-to-enabling-saml.yml","en-us/blog/the-ultimate-guide-to-enabling-saml",{"_path":2292,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2293,"content":2298,"config":2303,"_id":2305,"_type":16,"title":2306,"_source":17,"_file":2307,"_stem":2308,"_extension":20},"/en-us/blog/keyless-signing-with-cosign",{"title":2294,"description":2295,"ogTitle":2294,"ogDescription":2295,"noIndex":6,"ogImage":1857,"ogUrl":2296,"ogSiteName":918,"ogType":919,"canonicalUrls":2296,"schema":2297},"Streamline security with keyless signing and verification in GitLab","Our partnership with Sigstore means that with just a few lines in a yml file, GitLab customers can make their development environment more secure.","https://about.gitlab.com/blog/keyless-signing-with-cosign","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Streamline security with keyless signing and verification in GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sam White\"}],\n \"datePublished\": \"2023-09-13\",\n }",{"title":2294,"description":2295,"authors":2299,"heroImage":1857,"date":2301,"category":14,"tags":2302},[2300],"Sam White","2023-09-13",[14,946,283,232],{"slug":2304,"featured":6,"template":728},"keyless-signing-with-cosign","content:en-us:blog:keyless-signing-with-cosign.yml","Keyless Signing With Cosign","en-us/blog/keyless-signing-with-cosign.yml","en-us/blog/keyless-signing-with-cosign",{"_path":2310,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2311,"content":2317,"config":2321,"_id":2323,"_type":16,"title":2324,"_source":17,"_file":2325,"_stem":2326,"_extension":20},"/en-us/blog/how-gitlab-can-support-your-iso-compliance-journey",{"title":2312,"description":2313,"ogTitle":2312,"ogDescription":2313,"noIndex":6,"ogImage":2314,"ogUrl":2315,"ogSiteName":918,"ogType":919,"canonicalUrls":2315,"schema":2316},"How GitLab can support your ISO 27001 compliance journey","As a strategic partner, GitLab's software security features can help support your ISO 27001 compliance.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749662877/Blog/Hero%20Images/security-cover-new.png","https://about.gitlab.com/blog/how-gitlab-can-support-your-iso-compliance-journey","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab can support your ISO 27001 compliance journey\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joseph Longo\"}],\n \"datePublished\": \"2023-09-06\",\n }",{"title":2312,"description":2313,"authors":2318,"heroImage":2314,"date":2319,"category":14,"tags":2320},[923],"2023-09-06",[14,780,2086],{"slug":2322,"featured":6,"template":728},"how-gitlab-can-support-your-iso-compliance-journey","content:en-us:blog:how-gitlab-can-support-your-iso-compliance-journey.yml","How Gitlab Can Support Your Iso Compliance Journey","en-us/blog/how-gitlab-can-support-your-iso-compliance-journey.yml","en-us/blog/how-gitlab-can-support-your-iso-compliance-journey",{"_path":2328,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2329,"content":2334,"config":2340,"_id":2342,"_type":16,"title":2343,"_source":17,"_file":2344,"_stem":2345,"_extension":20},"/en-us/blog/meet-regulatory-standards-with-gitlab",{"title":2330,"description":2331,"ogTitle":2330,"ogDescription":2331,"noIndex":6,"ogImage":883,"ogUrl":2332,"ogSiteName":918,"ogType":919,"canonicalUrls":2332,"schema":2333},"Meet regulatory standards with GitLab security and compliance","Compliance is more than one-off audits; it's a continuous process of managing risk by implementing guardrails and monitoring specific metrics. Learn how with this comprehensive guide.","https://about.gitlab.com/blog/meet-regulatory-standards-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Meet regulatory standards with GitLab security and compliance\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Abubakar Siddiq Ango\"}],\n \"datePublished\": \"2023-08-17\",\n }",{"title":2330,"description":2331,"authors":2335,"heroImage":883,"date":2337,"category":14,"tags":2338,"updatedDate":2339},[2336],"Abubakar Siddiq Ango","2023-08-17",[573,542,14,185],"2024-08-22",{"slug":2341,"featured":6,"template":728},"meet-regulatory-standards-with-gitlab","content:en-us:blog:meet-regulatory-standards-with-gitlab.yml","Meet Regulatory Standards With Gitlab","en-us/blog/meet-regulatory-standards-with-gitlab.yml","en-us/blog/meet-regulatory-standards-with-gitlab",{"_path":2347,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2348,"content":2353,"config":2357,"_id":2359,"_type":16,"title":2360,"_source":17,"_file":2361,"_stem":2362,"_extension":20},"/en-us/blog/gitlab-mitre-attack-navigator",{"title":2349,"description":2350,"ogTitle":2349,"ogDescription":2350,"noIndex":6,"ogImage":1516,"ogUrl":2351,"ogSiteName":918,"ogType":919,"canonicalUrls":2351,"schema":2352},"Use GitLab and MITRE ATT&CK Navigator to visualize adversary techniques","This tutorial helps build and deploy a customized version of MITRE's ATT&CK Navigator using GitLab CI/CD and GitLab Pages.","https://about.gitlab.com/blog/gitlab-mitre-attack-navigator","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Use GitLab and MITRE ATT&CK Navigator to visualize adversary techniques\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Chris Moberly\"}],\n \"datePublished\": \"2023-08-09\",\n }",{"title":2349,"description":2350,"authors":2354,"heroImage":1516,"date":2355,"category":14,"tags":2356},[1131],"2023-08-09",[14,1096,763,110],{"slug":2358,"featured":6,"template":728},"gitlab-mitre-attack-navigator","content:en-us:blog:gitlab-mitre-attack-navigator.yml","Gitlab Mitre Attack Navigator","en-us/blog/gitlab-mitre-attack-navigator.yml","en-us/blog/gitlab-mitre-attack-navigator",{"_path":2364,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2365,"content":2370,"config":2374,"_id":2376,"_type":16,"title":2377,"_source":17,"_file":2378,"_stem":2379,"_extension":20},"/en-us/blog/gitlab-security-hardening-documentation",{"title":2366,"description":2367,"ogTitle":2366,"ogDescription":2367,"noIndex":6,"ogImage":1516,"ogUrl":2368,"ogSiteName":918,"ogType":919,"canonicalUrls":2368,"schema":2369},"The backstory on GitLab's security hardening documentation","GitLab has detailed documentation about how to harden your instance, now as a part of GitLab itself. Here's how it came to be.","https://about.gitlab.com/blog/gitlab-security-hardening-documentation","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The backstory on GitLab's security hardening documentation\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2023-08-01\",\n }",{"title":2366,"description":2367,"authors":2371,"heroImage":1516,"date":2372,"category":14,"tags":2373},[1747],"2023-08-01",[14,581,573],{"slug":2375,"featured":6,"template":728},"gitlab-security-hardening-documentation","content:en-us:blog:gitlab-security-hardening-documentation.yml","Gitlab Security Hardening Documentation","en-us/blog/gitlab-security-hardening-documentation.yml","en-us/blog/gitlab-security-hardening-documentation",{"_path":2381,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2382,"content":2388,"config":2393,"_id":2395,"_type":16,"title":2396,"_source":17,"_file":2397,"_stem":2398,"_extension":20},"/en-us/blog/secureflag-integrated-with-gitlab-for-rapid-vulnerability-remediation",{"title":2383,"description":2384,"ogTitle":2383,"ogDescription":2384,"noIndex":6,"ogImage":2385,"ogUrl":2386,"ogSiteName":918,"ogType":919,"canonicalUrls":2386,"schema":2387},"SecureFlag integrated with GitLab for rapid vulnerability remediation","Empower developers with hands-on security training within the DevSecOps platform.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679321/Blog/Hero%20Images/cover_image_secureflag.png","https://about.gitlab.com/blog/secureflag-integrated-with-gitlab-for-rapid-vulnerability-remediation","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"SecureFlag integrated with GitLab for rapid vulnerability remediation\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Alana Bellucci\"}],\n \"datePublished\": \"2023-06-29\",\n }",{"title":2383,"description":2384,"authors":2389,"heroImage":2385,"date":2391,"category":14,"tags":2392},[2390],"Alana Bellucci","2023-06-29",[14,573,726,780],{"slug":2394,"featured":6,"template":728},"secureflag-integrated-with-gitlab-for-rapid-vulnerability-remediation","content:en-us:blog:secureflag-integrated-with-gitlab-for-rapid-vulnerability-remediation.yml","Secureflag Integrated With Gitlab For Rapid Vulnerability Remediation","en-us/blog/secureflag-integrated-with-gitlab-for-rapid-vulnerability-remediation.yml","en-us/blog/secureflag-integrated-with-gitlab-for-rapid-vulnerability-remediation",{"_path":2400,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2401,"content":2407,"config":2413,"_id":2415,"_type":16,"title":2416,"_source":17,"_file":2417,"_stem":2418,"_extension":20},"/en-us/blog/introduction-of-oidc-modules-for-integration-between-google-cloud-and-gitlab-ci",{"title":2402,"description":2403,"ogTitle":2402,"ogDescription":2403,"noIndex":6,"ogImage":2404,"ogUrl":2405,"ogSiteName":918,"ogType":919,"canonicalUrls":2405,"schema":2406},"OIDC simplifies GitLab CI/CD authentication with Google Cloud","OpenID Connect can sometimes be complex, but it's the safer and recommended way to authenticate your GitLab pipeline with Google Cloud. This tutorial shows you how.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749669863/Blog/Hero%20Images/security-pipelines.jpg","https://about.gitlab.com/blog/introduction-of-oidc-modules-for-integration-between-google-cloud-and-gitlab-ci","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How OIDC can simplify authentication of GitLab CI/CD pipelines with Google Cloud\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Hiroki Suezawa\"},{\"@type\":\"Person\",\"name\":\"Dhruv Jain\"}],\n \"datePublished\": \"2023-06-28\",\n }",{"title":2408,"description":2403,"authors":2409,"heroImage":2404,"date":2411,"category":14,"tags":2412},"How OIDC can simplify authentication of GitLab CI/CD pipelines with Google Cloud",[982,2410],"Dhruv Jain","2023-06-28",[763,110,14,581],{"slug":2414,"featured":6,"template":728},"introduction-of-oidc-modules-for-integration-between-google-cloud-and-gitlab-ci","content:en-us:blog:introduction-of-oidc-modules-for-integration-between-google-cloud-and-gitlab-ci.yml","Introduction Of Oidc Modules For Integration Between Google Cloud And Gitlab Ci","en-us/blog/introduction-of-oidc-modules-for-integration-between-google-cloud-and-gitlab-ci.yml","en-us/blog/introduction-of-oidc-modules-for-integration-between-google-cloud-and-gitlab-ci",{"_path":2420,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2421,"content":2427,"config":2432,"_id":2434,"_type":16,"title":2435,"_source":17,"_file":2436,"_stem":2437,"_extension":20},"/en-us/blog/managing-multiple-environments-with-terraform-and-gitlab-ci",{"title":2422,"description":2423,"ogTitle":2422,"ogDescription":2423,"noIndex":6,"ogImage":2424,"ogUrl":2425,"ogSiteName":918,"ogType":919,"canonicalUrls":2425,"schema":2426},"Managing multiple environments with Terraform and GitLab CI","This tutorial shows how to set up and manage three different environments in one project using GitLab CI and Terraform.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663779/Blog/Hero%20Images/cicd-2018_blogimage.jpg","https://about.gitlab.com/blog/managing-multiple-environments-with-terraform-and-gitlab-ci","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Managing multiple environments with Terraform and GitLab CI\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sophia Manicor\"},{\"@type\":\"Person\",\"name\":\"Noah Ing\"}],\n \"datePublished\": \"2023-06-14\",\n }",{"title":2422,"description":2423,"authors":2428,"heroImage":2424,"date":2430,"category":14,"tags":2431},[2429,1187],"Sophia Manicor","2023-06-14",[563,1354,573,14],{"slug":2433,"featured":6,"template":728},"managing-multiple-environments-with-terraform-and-gitlab-ci","content:en-us:blog:managing-multiple-environments-with-terraform-and-gitlab-ci.yml","Managing Multiple Environments With Terraform And Gitlab Ci","en-us/blog/managing-multiple-environments-with-terraform-and-gitlab-ci.yml","en-us/blog/managing-multiple-environments-with-terraform-and-gitlab-ci",{"_path":2439,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2440,"content":2445,"config":2449,"_id":2451,"_type":16,"title":2452,"_source":17,"_file":2453,"_stem":2454,"_extension":20},"/en-us/blog/how-secret-detection-can-proactively-revoke-leaked-credentials",{"title":2441,"description":2442,"ogTitle":2441,"ogDescription":2442,"noIndex":6,"ogImage":1857,"ogUrl":2443,"ogSiteName":918,"ogType":919,"canonicalUrls":2443,"schema":2444},"How Secret Detection can proactively revoke leaked credentials","GitLab extends Secret Detection capabilities to customers on Google Cloud.","https://about.gitlab.com/blog/how-secret-detection-can-proactively-revoke-leaked-credentials","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How Secret Detection can proactively revoke leaked credentials\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Connor Gilbert\"}],\n \"datePublished\": \"2023-06-13\",\n }",{"title":2441,"description":2442,"authors":2446,"heroImage":1857,"date":2447,"category":14,"tags":2448},[1598],"2023-06-13",[14,581,283],{"slug":2450,"featured":6,"template":728},"how-secret-detection-can-proactively-revoke-leaked-credentials","content:en-us:blog:how-secret-detection-can-proactively-revoke-leaked-credentials.yml","How Secret Detection Can Proactively Revoke Leaked Credentials","en-us/blog/how-secret-detection-can-proactively-revoke-leaked-credentials.yml","en-us/blog/how-secret-detection-can-proactively-revoke-leaked-credentials",{"_path":2456,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2457,"content":2462,"config":2467,"_id":2469,"_type":16,"title":2470,"_source":17,"_file":2471,"_stem":2472,"_extension":20},"/en-us/blog/securing-your-code-on-gitlab",{"title":2458,"description":2459,"ogTitle":2458,"ogDescription":2459,"noIndex":6,"ogImage":2404,"ogUrl":2460,"ogSiteName":918,"ogType":919,"canonicalUrls":2460,"schema":2461},"The ultimate guide to securing your code on GitLab.com","This in-depth tutorial, complete with best practices, will help you secure your development environment.","https://about.gitlab.com/blog/securing-your-code-on-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The ultimate guide to securing your code on GitLab.com\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Steve Grossman\"}],\n \"datePublished\": \"2023-05-31\",\n }",{"title":2458,"description":2459,"authors":2463,"heroImage":2404,"date":2465,"category":14,"tags":2466},[2464],"Steve Grossman","2023-05-31",[763,542],{"slug":2468,"featured":6,"template":728},"securing-your-code-on-gitlab","content:en-us:blog:securing-your-code-on-gitlab.yml","Securing Your Code On Gitlab","en-us/blog/securing-your-code-on-gitlab.yml","en-us/blog/securing-your-code-on-gitlab",{"_path":2474,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2475,"content":2480,"config":2484,"_id":2486,"_type":16,"title":2487,"_source":17,"_file":2488,"_stem":2489,"_extension":20},"/en-us/blog/memory-safe-vs-unsafe",{"title":2476,"description":2477,"ogTitle":2476,"ogDescription":2477,"noIndex":6,"ogImage":2186,"ogUrl":2478,"ogSiteName":918,"ogType":919,"canonicalUrls":2478,"schema":2479},"How to secure memory-safe vs. manually managed languages","Learn how GitLab reduces source code risk using scanning, vulnerability management, and other key features.","https://about.gitlab.com/blog/memory-safe-vs-unsafe","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to secure memory-safe vs. manually managed languages\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2023-03-14\",\n }",{"title":2476,"description":2477,"authors":2481,"heroImage":2186,"date":2482,"category":14,"tags":2483},[759],"2023-03-14",[14,573,763],{"slug":2485,"featured":6,"template":728},"memory-safe-vs-unsafe","content:en-us:blog:memory-safe-vs-unsafe.yml","Memory Safe Vs Unsafe","en-us/blog/memory-safe-vs-unsafe.yml","en-us/blog/memory-safe-vs-unsafe",{"_path":2491,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2492,"content":2498,"config":2503,"_id":2505,"_type":16,"title":2506,"_source":17,"_file":2507,"_stem":2508,"_extension":20},"/en-us/blog/actioning-security-vulnerabilities-in-gitlab-premium",{"title":2493,"description":2494,"ogTitle":2493,"ogDescription":2494,"noIndex":6,"ogImage":2495,"ogUrl":2496,"ogSiteName":918,"ogType":919,"canonicalUrls":2496,"schema":2497},"How to action security vulnerabilities in GitLab Premium","Learn step-by-step how to process detected vulnerabilities and spawn merge request approval rules from critical vulnerabilities.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750099637/Blog/Hero%20Images/Blog/Hero%20Images/security-pipelines_security-pipelines.jpg_1750099637178.jpg","https://about.gitlab.com/blog/actioning-security-vulnerabilities-in-gitlab-premium","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to action security vulnerabilities in GitLab Premium\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sam Morris\"},{\"@type\":\"Person\",\"name\":\"Noah Ing\"}],\n \"datePublished\": \"2023-03-13\",\n }",{"title":2493,"description":2494,"authors":2499,"heroImage":2495,"date":2500,"category":14,"tags":2501},[1934,1187],"2023-03-13",[14,573,1354,2502,763],"CD",{"slug":2504,"featured":6,"template":728},"actioning-security-vulnerabilities-in-gitlab-premium","content:en-us:blog:actioning-security-vulnerabilities-in-gitlab-premium.yml","Actioning Security Vulnerabilities In Gitlab Premium","en-us/blog/actioning-security-vulnerabilities-in-gitlab-premium.yml","en-us/blog/actioning-security-vulnerabilities-in-gitlab-premium",{"_path":2510,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2511,"content":2516,"config":2521,"_id":2523,"_type":16,"title":2524,"_source":17,"_file":2525,"_stem":2526,"_extension":20},"/en-us/blog/accelerate-state-of-devops-report-key-takeaways",{"title":2512,"description":2513,"ogTitle":2512,"ogDescription":2513,"noIndex":6,"ogImage":2424,"ogUrl":2514,"ogSiteName":918,"ogType":919,"canonicalUrls":2514,"schema":2515},"Software supply chain security practices seeing only modest adoption","DORA Accelerate State of DevOps report shows opportunity lies within better security practices, including a focus on culture.","https://about.gitlab.com/blog/accelerate-state-of-devops-report-key-takeaways","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Software supply chain security practices seeing only modest adoption\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Aathira Nair\"}],\n \"datePublished\": \"2023-02-21\",\n }",{"title":2512,"description":2513,"authors":2517,"heroImage":2424,"date":2519,"category":14,"tags":2520},[2518],"Aathira Nair","2023-02-21",[563,14,1562],{"slug":2522,"featured":6,"template":728},"accelerate-state-of-devops-report-key-takeaways","content:en-us:blog:accelerate-state-of-devops-report-key-takeaways.yml","Accelerate State Of Devops Report Key Takeaways","en-us/blog/accelerate-state-of-devops-report-key-takeaways.yml","en-us/blog/accelerate-state-of-devops-report-key-takeaways",{"_path":2528,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2529,"content":2535,"config":2540,"_id":2542,"_type":16,"title":2543,"_source":17,"_file":2544,"_stem":2545,"_extension":20},"/en-us/blog/git-security-audit",{"title":2530,"description":2531,"ogTitle":2530,"ogDescription":2531,"noIndex":6,"ogImage":2532,"ogUrl":2533,"ogSiteName":918,"ogType":919,"canonicalUrls":2533,"schema":2534},"Git security audit: Inside the hunt for - and discovery of - CVEs","Get a behind-the-scenes look at how I helped discover the vulnerability that became CVE-2022-41903.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749668524/Blog/Hero%20Images/closeup-photo-of-black-and-blue-keyboard-1194713.jpg","https://about.gitlab.com/blog/git-security-audit","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Git security audit: Inside the hunt for - and discovery of - CVEs\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joern Schneeweisz\"}],\n \"datePublished\": \"2023-01-24\",\n }",{"title":2530,"description":2531,"authors":2536,"heroImage":2532,"date":2538,"category":14,"tags":2539},[2537],"Joern Schneeweisz","2023-01-24",[14,1337],{"slug":2541,"featured":6,"template":728},"git-security-audit","content:en-us:blog:git-security-audit.yml","Git Security Audit","en-us/blog/git-security-audit.yml","en-us/blog/git-security-audit",{"_path":2547,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2548,"content":2554,"config":2558,"_id":2560,"_type":16,"title":2561,"_source":17,"_file":2562,"_stem":2563,"_extension":20},"/en-us/blog/monitor-web-attack-surface-with-gitlab",{"title":2549,"description":2550,"ogTitle":2549,"ogDescription":2550,"noIndex":6,"ogImage":2551,"ogUrl":2552,"ogSiteName":918,"ogType":919,"canonicalUrls":2552,"schema":2553},"Monitor your web attack surface with GitLab CI/CD and GitLab Pages","Use this tutorial to build an automated web application screenshot report.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682233/Blog/Hero%20Images/aleks-dahlberg-glass-unsplash.jpg","https://about.gitlab.com/blog/monitor-web-attack-surface-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Monitor your web attack surface with GitLab CI/CD and GitLab Pages\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Chris Moberly\"}],\n \"datePublished\": \"2023-01-11\",\n }",{"title":2549,"description":2550,"authors":2555,"heroImage":2551,"date":2556,"category":14,"tags":2557},[1131],"2023-01-11",[14,1096],{"slug":2559,"featured":6,"template":728},"monitor-web-attack-surface-with-gitlab","content:en-us:blog:monitor-web-attack-surface-with-gitlab.yml","Monitor Web Attack Surface With Gitlab","en-us/blog/monitor-web-attack-surface-with-gitlab.yml","en-us/blog/monitor-web-attack-surface-with-gitlab",{"_path":2565,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2566,"content":2572,"config":2577,"_id":2579,"_type":16,"title":2580,"_source":17,"_file":2581,"_stem":2582,"_extension":20},"/en-us/blog/why-2022-was-a-record-breaking-year-in-bug-bounty-awards",{"title":2567,"description":2568,"ogTitle":2567,"ogDescription":2568,"noIndex":6,"ogImage":2569,"ogUrl":2570,"ogSiteName":918,"ogType":919,"canonicalUrls":2570,"schema":2571},"Why 2022 was a record-breaking year in bug bounty awards","Find out about the researchers who together earned more than $1 million USD in prizes and their bug hunting contributions.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679034/Blog/Hero%20Images/inside-gitLab-public-bug-bounty-program.png","https://about.gitlab.com/blog/why-2022-was-a-record-breaking-year-in-bug-bounty-awards","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Why 2022 was a record-breaking year in bug bounty awards\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Nick Malcolm\"}],\n \"datePublished\": \"2022-12-19\",\n }",{"title":2567,"description":2568,"authors":2573,"heroImage":2569,"date":2575,"category":14,"tags":2576},[2574],"Nick Malcolm","2022-12-19",[14,1041,268],{"slug":2578,"featured":6,"template":728},"why-2022-was-a-record-breaking-year-in-bug-bounty-awards","content:en-us:blog:why-2022-was-a-record-breaking-year-in-bug-bounty-awards.yml","Why 2022 Was A Record Breaking Year In Bug Bounty Awards","en-us/blog/why-2022-was-a-record-breaking-year-in-bug-bounty-awards.yml","en-us/blog/why-2022-was-a-record-breaking-year-in-bug-bounty-awards",{"_path":2584,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2585,"content":2591,"config":2596,"_id":2598,"_type":16,"title":2599,"_source":17,"_file":2600,"_stem":2601,"_extension":20},"/en-us/blog/achieve-slsa-level-2-compliance-with-gitlab",{"title":2586,"description":2587,"ogTitle":2586,"ogDescription":2587,"noIndex":6,"ogImage":2588,"ogUrl":2589,"ogSiteName":918,"ogType":919,"canonicalUrls":2589,"schema":2590},"Achieve SLSA Level 2 compliance with GitLab","Compliance mandates call for controls to prevent software tampering, improve integrity of builds and artifacts, and support attestation. Here's how GitLab can help.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667094/Blog/Hero%20Images/container-security.jpg","https://about.gitlab.com/blog/achieve-slsa-level-2-compliance-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Achieve SLSA Level 2 compliance with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sandra Gittlen\"}],\n \"datePublished\": \"2022-11-30\",\n }",{"title":2586,"description":2587,"authors":2592,"heroImage":2588,"date":2594,"category":14,"tags":2595},[2593],"Sandra Gittlen","2022-11-30",[573,14,1096,185],{"slug":2597,"featured":6,"template":728},"achieve-slsa-level-2-compliance-with-gitlab","content:en-us:blog:achieve-slsa-level-2-compliance-with-gitlab.yml","Achieve Slsa Level 2 Compliance With Gitlab","en-us/blog/achieve-slsa-level-2-compliance-with-gitlab.yml","en-us/blog/achieve-slsa-level-2-compliance-with-gitlab",{"_path":2603,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2604,"content":2610,"config":2616,"_id":2618,"_type":16,"title":2619,"_source":17,"_file":2620,"_stem":2621,"_extension":20},"/en-us/blog/how-we-boosted-webauthn-adoption-from-20-percent-to-93-percent-in-2-days",{"title":2605,"description":2606,"ogTitle":2605,"ogDescription":2606,"noIndex":6,"ogImage":2607,"ogUrl":2608,"ogSiteName":918,"ogType":919,"canonicalUrls":2608,"schema":2609},"How we boosted WebAuthn adoption from 20 percent to 93 percent in two days","With phishing campaigns on the rise across the industry, we accelerated rollout of a program to further enhance our security hygiene program. This is how we did it.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682498/Blog/Hero%20Images/webauthn.jpg","https://about.gitlab.com/blog/how-we-boosted-webauthn-adoption-from-20-percent-to-93-percent-in-2-days","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How we boosted WebAuthn adoption from 20 percent to 93 percent in two days\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Eric Rubin\"}],\n \"datePublished\": \"2022-11-09\",\n }",{"title":2605,"description":2606,"authors":2611,"heroImage":2607,"date":2613,"category":14,"tags":2614},[2612],"Eric Rubin","2022-11-09",[14,2615,839],"performance",{"slug":2617,"featured":6,"template":728},"how-we-boosted-webauthn-adoption-from-20-percent-to-93-percent-in-2-days","content:en-us:blog:how-we-boosted-webauthn-adoption-from-20-percent-to-93-percent-in-2-days.yml","How We Boosted Webauthn Adoption From 20 Percent To 93 Percent In 2 Days","en-us/blog/how-we-boosted-webauthn-adoption-from-20-percent-to-93-percent-in-2-days.yml","en-us/blog/how-we-boosted-webauthn-adoption-from-20-percent-to-93-percent-in-2-days",{"_path":2623,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2624,"content":2630,"config":2635,"_id":2637,"_type":16,"title":2638,"_source":17,"_file":2639,"_stem":2640,"_extension":20},"/en-us/blog/top-challenges-to-securing-the-software-supply-chain",{"title":2625,"description":2626,"ogTitle":2625,"ogDescription":2626,"noIndex":6,"ogImage":2627,"ogUrl":2628,"ogSiteName":918,"ogType":919,"canonicalUrls":2628,"schema":2629},"Top challenges to securing the software supply chain","Learn what organizations should keep in mind while incorporating software supply chain security into their software development lifecycle.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749668437/Blog/Hero%20Images/faster-cycle-times.jpg","https://about.gitlab.com/blog/top-challenges-to-securing-the-software-supply-chain","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Top challenges to securing the software supply chain\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Chandler Gibbons\"}],\n \"datePublished\": \"2022-11-07\",\n }",{"title":2625,"description":2626,"authors":2631,"heroImage":2627,"date":2633,"category":14,"tags":2634},[2632],"Chandler Gibbons","2022-11-07",[14,1096],{"slug":2636,"featured":6,"template":728},"top-challenges-to-securing-the-software-supply-chain","content:en-us:blog:top-challenges-to-securing-the-software-supply-chain.yml","Top Challenges To Securing The Software Supply Chain","en-us/blog/top-challenges-to-securing-the-software-supply-chain.yml","en-us/blog/top-challenges-to-securing-the-software-supply-chain",{"_path":2642,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2643,"content":2649,"config":2653,"_id":2655,"_type":16,"title":2656,"_source":17,"_file":2657,"_stem":2658,"_extension":20},"/en-us/blog/new-openssl-30-vulnerabilities-what-you-need-to-know-to-find-and-fix-them",{"title":2644,"description":2645,"ogTitle":2644,"ogDescription":2645,"noIndex":6,"ogImage":2646,"ogUrl":2647,"ogSiteName":918,"ogType":919,"canonicalUrls":2647,"schema":2648},"New OpenSSL 3.0 vulnerabilities: What you need to know to find and fix them","Learn how to identify your risk for CVE-2022-3786 and CVE-2022-3602.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679348/Blog/Hero%20Images/locks.jpg","https://about.gitlab.com/blog/new-openssl-30-vulnerabilities-what-you-need-to-know-to-find-and-fix-them","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"New OpenSSL 3.0 vulnerabilities: What you need to know to find and fix them\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"GitLab Security Team\"}],\n \"datePublished\": \"2022-11-01\",\n }",{"title":2644,"description":2645,"authors":2650,"heroImage":2646,"date":2651,"category":14,"tags":2652},[2245],"2022-11-01",[14,1096,946],{"slug":2654,"featured":6,"template":728},"new-openssl-30-vulnerabilities-what-you-need-to-know-to-find-and-fix-them","content:en-us:blog:new-openssl-30-vulnerabilities-what-you-need-to-know-to-find-and-fix-them.yml","New Openssl 30 Vulnerabilities What You Need To Know To Find And Fix Them","en-us/blog/new-openssl-30-vulnerabilities-what-you-need-to-know-to-find-and-fix-them.yml","en-us/blog/new-openssl-30-vulnerabilities-what-you-need-to-know-to-find-and-fix-them",{"_path":2660,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2661,"content":2667,"config":2672,"_id":2674,"_type":16,"title":2675,"_source":17,"_file":2676,"_stem":2677,"_extension":20},"/en-us/blog/the-ultimate-guide-to-sboms",{"title":2662,"description":2663,"ogTitle":2662,"ogDescription":2663,"noIndex":6,"ogImage":2664,"ogUrl":2665,"ogSiteName":918,"ogType":919,"canonicalUrls":2665,"schema":2666},"The ultimate guide to SBOMs","Learn what a software bill of materials is and why it has become an integral part of modern software development.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664571/Blog/Hero%20Images/blog-image-template-1800x945__8_.png","https://about.gitlab.com/blog/the-ultimate-guide-to-sboms","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The ultimate guide to SBOMs\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sandra Gittlen\"}],\n \"datePublished\": \"2022-10-25\",\n }",{"title":2662,"description":2663,"authors":2668,"heroImage":2664,"date":2669,"category":14,"tags":2670,"updatedDate":2671},[2593],"2022-10-25",[14,573,2615,1096,185],"2024-05-02",{"slug":2673,"featured":6,"template":728},"the-ultimate-guide-to-sboms","content:en-us:blog:the-ultimate-guide-to-sboms.yml","The Ultimate Guide To Sboms","en-us/blog/the-ultimate-guide-to-sboms.yml","en-us/blog/the-ultimate-guide-to-sboms",{"_path":2679,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2680,"content":2686,"config":2691,"_id":2693,"_type":16,"title":2694,"_source":17,"_file":2695,"_stem":2696,"_extension":20},"/en-us/blog/fast-and-efficient-sbom-with-gitlab-and-rezilion",{"title":2681,"description":2682,"ogTitle":2681,"ogDescription":2682,"noIndex":6,"ogImage":2683,"ogUrl":2684,"ogSiteName":918,"ogType":919,"canonicalUrls":2684,"schema":2685},"Meet the demand for SBOMs with GitLab and Rezilion","Learn the role of SBOMs in helping to secure your software supply chain and how to generate them with the GitLab + Rezilion integration.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749672849/Blog/Hero%20Images/jessica-lewis-fJXv46LT7Xk-unsplash.jpg","https://about.gitlab.com/blog/fast-and-efficient-sbom-with-gitlab-and-rezilion","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Meet the demand for SBOMs and supply chain security with GitLab and Rezilion\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2022-10-17\",\n }",{"title":2687,"description":2682,"authors":2688,"heroImage":2683,"date":2689,"category":14,"tags":2690},"Meet the demand for SBOMs and supply chain security with GitLab and Rezilion",[759],"2022-10-17",[14,283,232],{"slug":2692,"featured":6,"template":728},"fast-and-efficient-sbom-with-gitlab-and-rezilion","content:en-us:blog:fast-and-efficient-sbom-with-gitlab-and-rezilion.yml","Fast And Efficient Sbom With Gitlab And Rezilion","en-us/blog/fast-and-efficient-sbom-with-gitlab-and-rezilion.yml","en-us/blog/fast-and-efficient-sbom-with-gitlab-and-rezilion",{"_path":2698,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2699,"content":2704,"config":2709,"_id":2711,"_type":16,"title":2712,"_source":17,"_file":2713,"_stem":2714,"_extension":20},"/en-us/blog/using-gitlab-pages-lets-encrypt",{"title":2700,"description":2701,"ogTitle":2700,"ogDescription":2701,"noIndex":6,"ogImage":2588,"ogUrl":2702,"ogSiteName":918,"ogType":919,"canonicalUrls":2702,"schema":2703},"GitLab and Let's Encrypt partner to improve website security","Learn how to add a Let's Encrypt TLS certificate to a website hosted and managed via GitLab Pages.","https://about.gitlab.com/blog/using-gitlab-pages-lets-encrypt","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab and Let's Encrypt partner to improve website security\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fatima Sarah Khalid\"},{\"@type\":\"Person\",\"name\":\"Bryan Behrenshausen\"}],\n \"datePublished\": \"2022-09-29\",\n }",{"title":2700,"description":2701,"authors":2705,"heroImage":2588,"date":2707,"category":14,"tags":2708},[1559,2706],"Bryan Behrenshausen","2022-09-29",[1096,14,268],{"slug":2710,"featured":6,"template":728},"using-gitlab-pages-lets-encrypt","content:en-us:blog:using-gitlab-pages-lets-encrypt.yml","Using Gitlab Pages Lets Encrypt","en-us/blog/using-gitlab-pages-lets-encrypt.yml","en-us/blog/using-gitlab-pages-lets-encrypt",{"_path":2716,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2717,"content":2723,"config":2728,"_id":2730,"_type":16,"title":2731,"_source":17,"_file":2732,"_stem":2733,"_extension":20},"/en-us/blog/introducing-the-infrastructure-bill-of-materials",{"title":2718,"description":2719,"ogTitle":2718,"ogDescription":2719,"noIndex":6,"ogImage":2720,"ogUrl":2721,"ogSiteName":918,"ogType":919,"canonicalUrls":2721,"schema":2722},"Introducing the infrastructure bill of materials","Pair IBoMs and SBOMs for a more secure software supply chain.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749671160/Blog/Hero%20Images/ibom.jpg","https://about.gitlab.com/blog/introducing-the-infrastructure-bill-of-materials","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing the infrastructure bill of materials\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Cindy Blake\"}],\n \"datePublished\": \"2022-09-22\",\n }",{"title":2718,"description":2719,"authors":2724,"heroImage":2720,"date":2726,"category":14,"tags":2727},[2725],"Cindy Blake","2022-09-22",[14,232,1096],{"slug":2729,"featured":6,"template":728},"introducing-the-infrastructure-bill-of-materials","content:en-us:blog:introducing-the-infrastructure-bill-of-materials.yml","Introducing The Infrastructure Bill Of Materials","en-us/blog/introducing-the-infrastructure-bill-of-materials.yml","en-us/blog/introducing-the-infrastructure-bill-of-materials",{"_path":2735,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2736,"content":2742,"config":2747,"_id":2749,"_type":16,"title":2750,"_source":17,"_file":2751,"_stem":2752,"_extension":20},"/en-us/blog/capture-the-flag-in-our-bug-bounty-program",{"title":2737,"description":2738,"ogTitle":2737,"ogDescription":2738,"noIndex":6,"ogImage":2739,"ogUrl":2740,"ogSiteName":918,"ogType":919,"canonicalUrls":2740,"schema":2741},"Give it a go: Capture the flag for $20K USD in our bug bounty program","We created a private project containing a file with a flag. Use a permission-related vulnerability to bypass access control (without user interaction) and read the flag for a $20K USD bonus.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670960/Blog/Hero%20Images/sigmund-i2VgGp5BwJg-unsplash.jpg","https://about.gitlab.com/blog/capture-the-flag-in-our-bug-bounty-program","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Give it a go: Capture the flag for $20K USD in our bug bounty program\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2022-08-24\",\n }",{"title":2737,"description":2738,"authors":2743,"heroImage":2739,"date":2745,"category":14,"tags":2746},[2744],"Heather Simpson","2022-08-24",[14],{"slug":2748,"featured":6,"template":728},"capture-the-flag-in-our-bug-bounty-program","content:en-us:blog:capture-the-flag-in-our-bug-bounty-program.yml","Capture The Flag In Our Bug Bounty Program","en-us/blog/capture-the-flag-in-our-bug-bounty-program.yml","en-us/blog/capture-the-flag-in-our-bug-bounty-program",{"_path":2754,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2755,"content":2761,"config":2767,"_id":2769,"_type":16,"title":2770,"_source":17,"_file":2771,"_stem":2772,"_extension":20},"/en-us/blog/gitlab-adds-further-measures-to-combat-credential-stuffing-and-other-types-of-platform-abuse",{"title":2756,"description":2757,"ogTitle":2756,"ogDescription":2757,"noIndex":6,"ogImage":2758,"ogUrl":2759,"ogSiteName":918,"ogType":919,"canonicalUrls":2759,"schema":2760},"How GitLab is fighting credential stuffing and platform abuse","Integration of fraud detection and prevention tool into authentication flow increases risk reduction.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749671606/Blog/Hero%20Images/workflow-tips-security-quality-cover.jpg","https://about.gitlab.com/blog/gitlab-adds-further-measures-to-combat-credential-stuffing-and-other-types-of-platform-abuse","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab adds further measures to combat credential stuffing and other types of platform abuse\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Monmayuri Ray\"}],\n \"datePublished\": \"2022-08-19\",\n }",{"title":2762,"description":2757,"authors":2763,"heroImage":2758,"date":2765,"category":14,"tags":2766},"GitLab adds further measures to combat credential stuffing and other types of platform abuse",[2764],"Monmayuri Ray","2022-08-19",[563,839,14],{"slug":2768,"featured":6,"template":728},"gitlab-adds-further-measures-to-combat-credential-stuffing-and-other-types-of-platform-abuse","content:en-us:blog:gitlab-adds-further-measures-to-combat-credential-stuffing-and-other-types-of-platform-abuse.yml","Gitlab Adds Further Measures To Combat Credential Stuffing And Other Types Of Platform Abuse","en-us/blog/gitlab-adds-further-measures-to-combat-credential-stuffing-and-other-types-of-platform-abuse.yml","en-us/blog/gitlab-adds-further-measures-to-combat-credential-stuffing-and-other-types-of-platform-abuse",{"_path":2774,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2775,"content":2781,"config":2785,"_id":2787,"_type":16,"title":2788,"_source":17,"_file":2789,"_stem":2790,"_extension":20},"/en-us/blog/why-devops-and-zero-trust-go-together",{"title":2776,"description":2777,"ogTitle":2776,"ogDescription":2777,"noIndex":6,"ogImage":2778,"ogUrl":2779,"ogSiteName":918,"ogType":919,"canonicalUrls":2779,"schema":2780},"Why DevOps and zero trust go together","Learn how DevOps and zero trust have matured into a solid pairing and the security considerations that come into play.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749683257/Blog/Hero%20Images/devopszerotrust.jpg","https://about.gitlab.com/blog/why-devops-and-zero-trust-go-together","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Why DevOps and zero trust go together\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sandra Gittlen\"}],\n \"datePublished\": \"2022-08-17\",\n }",{"title":2776,"description":2777,"authors":2782,"heroImage":2778,"date":2783,"category":14,"tags":2784},[2593],"2022-08-17",[563,14,780],{"slug":2786,"featured":6,"template":728},"why-devops-and-zero-trust-go-together","content:en-us:blog:why-devops-and-zero-trust-go-together.yml","Why Devops And Zero Trust Go Together","en-us/blog/why-devops-and-zero-trust-go-together.yml","en-us/blog/why-devops-and-zero-trust-go-together",{"_path":2792,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2793,"content":2799,"config":2804,"_id":2806,"_type":16,"title":2807,"_source":17,"_file":2808,"_stem":2809,"_extension":20},"/en-us/blog/the-importance-of-compliance-in-devops",{"title":2794,"description":2795,"ogTitle":2794,"ogDescription":2795,"noIndex":6,"ogImage":2796,"ogUrl":2797,"ogSiteName":918,"ogType":919,"canonicalUrls":2797,"schema":2798},"The importance of compliance in DevOps","A basic understanding of what compliance means and how it impacts DevOps.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670037/Blog/Hero%20Images/auto-deploy-google-cloud.jpg","https://about.gitlab.com/blog/the-importance-of-compliance-in-devops","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The importance of compliance in DevOps\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Lauren Minning\"}],\n \"datePublished\": \"2022-08-15\",\n }",{"title":2794,"description":2795,"authors":2800,"heroImage":2796,"date":2802,"category":14,"tags":2803},[2801],"Lauren Minning","2022-08-15",[563,14,2615],{"slug":2805,"featured":6,"template":728},"the-importance-of-compliance-in-devops","content:en-us:blog:the-importance-of-compliance-in-devops.yml","The Importance Of Compliance In Devops","en-us/blog/the-importance-of-compliance-in-devops.yml","en-us/blog/the-importance-of-compliance-in-devops",{"_path":2811,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2812,"content":2818,"config":2822,"_id":2824,"_type":16,"title":2825,"_source":17,"_file":2826,"_stem":2827,"_extension":20},"/en-us/blog/securing-the-software-supply-chain-through-automated-attestation",{"title":2813,"description":2814,"ogTitle":2813,"ogDescription":2814,"noIndex":6,"ogImage":2815,"ogUrl":2816,"ogSiteName":918,"ogType":919,"canonicalUrls":2816,"schema":2817},"Securing the software supply chain through automated attestation","Standards bodies want to know how orgs are protecting against software tampering. Learn how automating compliance attestation can help.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667086/Blog/Hero%20Images/blog-compliance.jpg","https://about.gitlab.com/blog/securing-the-software-supply-chain-through-automated-attestation","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Securing the software supply chain through automated attestation\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sandra Gittlen\"}],\n \"datePublished\": \"2022-08-10\",\n }",{"title":2813,"description":2814,"authors":2819,"heroImage":2815,"date":2820,"category":14,"tags":2821},[2593],"2022-08-10",[563,14,1096,185],{"slug":2823,"featured":6,"template":728},"securing-the-software-supply-chain-through-automated-attestation","content:en-us:blog:securing-the-software-supply-chain-through-automated-attestation.yml","Securing The Software Supply Chain Through Automated Attestation","en-us/blog/securing-the-software-supply-chain-through-automated-attestation.yml","en-us/blog/securing-the-software-supply-chain-through-automated-attestation",{"_path":2829,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2830,"content":2836,"config":2840,"_id":2842,"_type":16,"title":2843,"_source":17,"_file":2844,"_stem":2845,"_extension":20},"/en-us/blog/cracking-our-bug-bounty-top-10",{"title":2831,"description":2832,"ogTitle":2831,"ogDescription":2832,"noIndex":6,"ogImage":2833,"ogUrl":2834,"ogSiteName":918,"ogType":919,"canonicalUrls":2834,"schema":2835},"Want to start hacking? Here's how to quickly dive in","We asked one of our top 10 hacker contributors, Johan Carlsson, to share his novel approach to bug bounty hunting.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670967/Blog/Hero%20Images/hack-gtlab-keyboard.png","https://about.gitlab.com/blog/cracking-our-bug-bounty-top-10","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Want to start hacking? Here's how to quickly dive in\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2022-07-27\",\n }",{"title":2831,"description":2832,"authors":2837,"heroImage":2833,"date":2838,"category":14,"tags":2839},[2744],"2022-07-27",[14,1041],{"slug":2841,"featured":6,"template":728},"cracking-our-bug-bounty-top-10","content:en-us:blog:cracking-our-bug-bounty-top-10.yml","Cracking Our Bug Bounty Top 10","en-us/blog/cracking-our-bug-bounty-top-10.yml","en-us/blog/cracking-our-bug-bounty-top-10",{"_path":2847,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2848,"content":2854,"config":2858,"_id":2860,"_type":16,"title":2861,"_source":17,"_file":2862,"_stem":2863,"_extension":20},"/en-us/blog/top-5-compliance-features-to-leverage-in-gitlab",{"title":2849,"description":2850,"ogTitle":2849,"ogDescription":2850,"noIndex":6,"ogImage":2851,"ogUrl":2852,"ogSiteName":918,"ogType":919,"canonicalUrls":2852,"schema":2853},"Top 5 compliance features to leverage in GitLab","Highlighting features we use daily, our security team outlines 5 ways to configure your GitLab instance for increased security and compliance.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679391/Blog/Hero%20Images/pexels-5strike.jpg","https://about.gitlab.com/blog/top-5-compliance-features-to-leverage-in-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Top 5 compliance features to leverage in GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Madeline Lake\"}],\n \"datePublished\": \"2022-07-13\",\n }",{"title":2849,"description":2850,"authors":2855,"heroImage":2851,"date":2856,"category":14,"tags":2857},[835],"2022-07-13",[14],{"slug":2859,"featured":6,"template":728},"top-5-compliance-features-to-leverage-in-gitlab","content:en-us:blog:top-5-compliance-features-to-leverage-in-gitlab.yml","Top 5 Compliance Features To Leverage In Gitlab","en-us/blog/top-5-compliance-features-to-leverage-in-gitlab.yml","en-us/blog/top-5-compliance-features-to-leverage-in-gitlab",{"_path":2865,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2866,"content":2871,"config":2878,"_id":2880,"_type":16,"title":2881,"_source":17,"_file":2882,"_stem":2883,"_extension":20},"/en-us/blog/tackle-nists-plan-of-action-and-milestones-with-gitlabs-risk-management-features",{"title":2867,"description":2868,"ogTitle":2867,"ogDescription":2868,"noIndex":6,"ogImage":2815,"ogUrl":2869,"ogSiteName":918,"ogType":919,"canonicalUrls":2869,"schema":2870},"Managing risk with GitLab's plan of actions & milestones","The One DevOps Platform helps identify interdependencies and vulnerabilities as required by government compliance frameworks.","https://about.gitlab.com/blog/tackle-nists-plan-of-action-and-milestones-with-gitlabs-risk-management-features","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Tackle a Plan of Actions and Milestones with GitLab’s risk management features\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sameer Kamani\"}],\n \"datePublished\": \"2022-07-07\",\n }",{"title":2872,"description":2868,"authors":2873,"heroImage":2815,"date":2875,"category":14,"tags":2876},"Tackle a Plan of Actions and Milestones with GitLab’s risk management features",[2874],"Sameer Kamani","2022-07-07",[563,2877,14],"DevOps platform",{"slug":2879,"featured":6,"template":728},"tackle-nists-plan-of-action-and-milestones-with-gitlabs-risk-management-features","content:en-us:blog:tackle-nists-plan-of-action-and-milestones-with-gitlabs-risk-management-features.yml","Tackle Nists Plan Of Action And Milestones With Gitlabs Risk Management Features","en-us/blog/tackle-nists-plan-of-action-and-milestones-with-gitlabs-risk-management-features.yml","en-us/blog/tackle-nists-plan-of-action-and-milestones-with-gitlabs-risk-management-features",{"_path":2885,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2886,"content":2892,"config":2898,"_id":2900,"_type":16,"title":2901,"_source":17,"_file":2902,"_stem":2903,"_extension":20},"/en-us/blog/use-streaming-audit-events-to-connect-your-technology-stack-with-gitlab-and-pipedream",{"title":2887,"description":2888,"ogTitle":2887,"ogDescription":2888,"noIndex":6,"ogImage":2889,"ogUrl":2890,"ogSiteName":918,"ogType":919,"canonicalUrls":2890,"schema":2891},"Streaming audit events: Connect GitLab to your tech stack","Automation lets your DevSecOps teams have logic in place for how to handle events as they come in.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667845/Blog/Hero%20Images/gl15.jpg","https://about.gitlab.com/blog/use-streaming-audit-events-to-connect-your-technology-stack-with-gitlab-and-pipedream","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Use Streaming Audit Events to connect your technology stack with GitLab and Pipedream\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sam Kerr\"}],\n \"datePublished\": \"2022-06-27\",\n }",{"title":2893,"description":2888,"authors":2894,"heroImage":2889,"date":2896,"category":14,"tags":2897},"Use Streaming Audit Events to connect your technology stack with GitLab and Pipedream",[2895],"Sam Kerr","2022-06-27",[563,232,14],{"slug":2899,"featured":6,"template":728},"use-streaming-audit-events-to-connect-your-technology-stack-with-gitlab-and-pipedream","content:en-us:blog:use-streaming-audit-events-to-connect-your-technology-stack-with-gitlab-and-pipedream.yml","Use Streaming Audit Events To Connect Your Technology Stack With Gitlab And Pipedream","en-us/blog/use-streaming-audit-events-to-connect-your-technology-stack-with-gitlab-and-pipedream.yml","en-us/blog/use-streaming-audit-events-to-connect-your-technology-stack-with-gitlab-and-pipedream",{"_path":2905,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2906,"content":2911,"config":2916,"_id":2918,"_type":16,"title":2919,"_source":17,"_file":2920,"_stem":2921,"_extension":20},"/en-us/blog/security-gitlab-15",{"title":2907,"description":2908,"ogTitle":2907,"ogDescription":2908,"noIndex":6,"ogImage":2889,"ogUrl":2909,"ogSiteName":918,"ogType":919,"canonicalUrls":2909,"schema":2910},"GitLab's Commitment to Enhanced AppSec in Modern DevOps","Security abounds in our latest DevOps platform release, GitLab 15.","https://about.gitlab.com/blog/security-gitlab-15","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab's commitment to enhanced application security in the modern DevOps world\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2022-06-21\",\n }",{"title":2912,"description":2908,"authors":2913,"heroImage":2889,"date":2914,"category":14,"tags":2915},"GitLab's commitment to enhanced application security in the modern DevOps world",[759],"2022-06-21",[14,563],{"slug":2917,"featured":6,"template":728},"security-gitlab-15","content:en-us:blog:security-gitlab-15.yml","Security Gitlab 15","en-us/blog/security-gitlab-15.yml","en-us/blog/security-gitlab-15",{"_path":2923,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2924,"content":2930,"config":2935,"_id":2937,"_type":16,"title":2938,"_source":17,"_file":2939,"_stem":2940,"_extension":20},"/en-us/blog/terraform-as-part-of-software-supply-chain-part1-modules-and-providers",{"title":2925,"description":2926,"ogTitle":2925,"ogDescription":2926,"noIndex":6,"ogImage":2927,"ogUrl":2928,"ogSiteName":918,"ogType":919,"canonicalUrls":2928,"schema":2929},"Terraform in the software supply chain: Modules & providers","We examine the supply chain aspects of Terraform, starting with a closer look at malicious Terraform modules and providers and how you can better secure them.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682329/Blog/Hero%20Images/pexels-mateusz-dach-353641.jpg","https://about.gitlab.com/blog/terraform-as-part-of-software-supply-chain-part1-modules-and-providers","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Terraform as part of the software supply chain, Part 1 - Modules and Providers\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joern Schneeweisz\"}],\n \"datePublished\": \"2022-06-01\",\n }",{"title":2931,"description":2926,"authors":2932,"heroImage":2927,"date":2933,"category":14,"tags":2934},"Terraform as part of the software supply chain, Part 1 - Modules and Providers",[2537],"2022-06-01",[14],{"slug":2936,"featured":6,"template":728},"terraform-as-part-of-software-supply-chain-part1-modules-and-providers","content:en-us:blog:terraform-as-part-of-software-supply-chain-part1-modules-and-providers.yml","Terraform As Part Of Software Supply Chain Part1 Modules And Providers","en-us/blog/terraform-as-part-of-software-supply-chain-part1-modules-and-providers.yml","en-us/blog/terraform-as-part-of-software-supply-chain-part1-modules-and-providers",{"_path":2942,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2943,"content":2949,"config":2953,"_id":2955,"_type":16,"title":2956,"_source":17,"_file":2957,"_stem":2958,"_extension":20},"/en-us/blog/how-we-run-red-team-operations-remotely",{"title":2944,"description":2945,"ogTitle":2944,"ogDescription":2945,"noIndex":6,"ogImage":2946,"ogUrl":2947,"ogSiteName":918,"ogType":919,"canonicalUrls":2947,"schema":2948},"How we run Red Team operations remotely","Our team shares the process and templates that drive our successful red team ops in our all-remote environment.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679403/Blog/Hero%20Images/pexels-andrey-grushnikov-707676_crop.jpg","https://about.gitlab.com/blog/how-we-run-red-team-operations-remotely","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How we run Red Team operations remotely\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Chris Moberly\"}],\n \"datePublished\": \"2022-05-11\",\n }",{"title":2944,"description":2945,"authors":2950,"heroImage":2946,"date":2951,"category":14,"tags":2952},[1131],"2022-05-11",[14],{"slug":2954,"featured":6,"template":728},"how-we-run-red-team-operations-remotely","content:en-us:blog:how-we-run-red-team-operations-remotely.yml","How We Run Red Team Operations Remotely","en-us/blog/how-we-run-red-team-operations-remotely.yml","en-us/blog/how-we-run-red-team-operations-remotely",{"_path":2960,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2961,"content":2966,"config":2971,"_id":2973,"_type":16,"title":2974,"_source":17,"_file":2975,"_stem":2976,"_extension":20},"/en-us/blog/one-devops-platform-can-help-you-achieve-devsecops",{"title":2962,"description":2963,"ogTitle":2962,"ogDescription":2963,"noIndex":6,"ogImage":2646,"ogUrl":2964,"ogSiteName":918,"ogType":919,"canonicalUrls":2964,"schema":2965},"One DevOps platform can help you achieve DevSecOps","GitLab drives innovation in the AST market to secure cloud-native applications.","https://about.gitlab.com/blog/one-devops-platform-can-help-you-achieve-devsecops","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"One DevOps platform can help you achieve DevSecOps\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sandra Gittlen\"}],\n \"datePublished\": \"2022-05-09\",\n }",{"title":2962,"description":2963,"authors":2967,"heroImage":2646,"date":2968,"category":14,"tags":2969},[2593],"2022-05-09",[563,573,2970,14,764],"research",{"slug":2972,"featured":6,"template":728},"one-devops-platform-can-help-you-achieve-devsecops","content:en-us:blog:one-devops-platform-can-help-you-achieve-devsecops.yml","One Devops Platform Can Help You Achieve Devsecops","en-us/blog/one-devops-platform-can-help-you-achieve-devsecops.yml","en-us/blog/one-devops-platform-can-help-you-achieve-devsecops",{"_path":2978,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2979,"content":2985,"config":2990,"_id":2992,"_type":16,"title":2993,"_source":17,"_file":2994,"_stem":2995,"_extension":20},"/en-us/blog/updates-regarding-rubygems-unauthorized-gem-takeover-for-some-gems-vulnerability",{"title":2980,"description":2981,"ogTitle":2980,"ogDescription":2981,"noIndex":6,"ogImage":2982,"ogUrl":2983,"ogSiteName":918,"ogType":919,"canonicalUrls":2983,"schema":2984},"The Rubygems unauthorized gem takeover vulnerability","Actions we've taken to investigate the Rubygems takeover vulnerability.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749666816/Blog/Hero%20Images/security-cover.png","https://about.gitlab.com/blog/updates-regarding-rubygems-unauthorized-gem-takeover-for-some-gems-vulnerability","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Updates regarding Rubygems ‘Unauthorized gem takeover for some gems’ vulnerability CVE-2022-29176\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"GitLab\"}],\n \"datePublished\": \"2022-05-09\",\n }",{"title":2986,"description":2981,"authors":2987,"heroImage":2982,"date":2968,"category":14,"tags":2989},"Updates regarding Rubygems ‘Unauthorized gem takeover for some gems’ vulnerability CVE-2022-29176",[2988],"GitLab",[14],{"slug":2991,"featured":6,"template":728},"updates-regarding-rubygems-unauthorized-gem-takeover-for-some-gems-vulnerability","content:en-us:blog:updates-regarding-rubygems-unauthorized-gem-takeover-for-some-gems-vulnerability.yml","Updates Regarding Rubygems Unauthorized Gem Takeover For Some Gems Vulnerability","en-us/blog/updates-regarding-rubygems-unauthorized-gem-takeover-for-some-gems-vulnerability.yml","en-us/blog/updates-regarding-rubygems-unauthorized-gem-takeover-for-some-gems-vulnerability",{"_path":2997,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":2998,"content":3003,"config":3008,"_id":3010,"_type":16,"title":3011,"_source":17,"_file":3012,"_stem":3013,"_extension":20},"/en-us/blog/updates-regarding-spring-rce-vulnerabilities",{"title":2999,"description":3000,"ogTitle":2999,"ogDescription":3000,"noIndex":6,"ogImage":2982,"ogUrl":3001,"ogSiteName":918,"ogType":919,"canonicalUrls":3001,"schema":3002},"Spring framework remote code execution vulnerability updates","Actions we've taken to investigate the Spring RCE vulnerabilities.","https://about.gitlab.com/blog/updates-regarding-spring-rce-vulnerabilities","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Updates regarding Spring remote code execution vulnerabilities CVE-2022-22965 and CVE-2022-22963\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"GitLab\"}],\n \"datePublished\": \"2022-04-07\",\n }",{"title":3004,"description":3000,"authors":3005,"heroImage":2982,"date":3006,"category":14,"tags":3007},"Updates regarding Spring remote code execution vulnerabilities CVE-2022-22965 and CVE-2022-22963",[2988],"2022-04-07",[14],{"slug":3009,"featured":6,"template":728},"updates-regarding-spring-rce-vulnerabilities","content:en-us:blog:updates-regarding-spring-rce-vulnerabilities.yml","Updates Regarding Spring Rce Vulnerabilities","en-us/blog/updates-regarding-spring-rce-vulnerabilities.yml","en-us/blog/updates-regarding-spring-rce-vulnerabilities",{"_path":3015,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3016,"content":3022,"config":3028,"_id":3030,"_type":16,"title":3031,"_source":17,"_file":3032,"_stem":3033,"_extension":20},"/en-us/blog/ensuring-compliance",{"title":3017,"description":3018,"ogTitle":3017,"ogDescription":3018,"noIndex":6,"ogImage":3019,"ogUrl":3020,"ogSiteName":918,"ogType":919,"canonicalUrls":3020,"schema":3021},"How to ensure separation of duties and enforce compliance with GitLab","Use your DevSecOps platform to help maintain compliance without compromising on development speed.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098232/Blog/Hero%20Images/Blog/Hero%20Images/AdobeStock_479904468%20%281%29_4lmOEVlaXP0YC3hSFmOw6i_1750098232241.jpg","https://about.gitlab.com/blog/ensuring-compliance","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to ensure separation of duties and enforce compliance with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Beatriz Barbosa\"},{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2022-04-04\",\n }",{"title":3017,"description":3018,"authors":3023,"heroImage":3019,"date":3025,"category":14,"tags":3026,"updatedDate":3027},[3024,759],"Beatriz Barbosa","2022-04-04",[14,1354,2502,780],"2024-12-16",{"slug":3029,"featured":6,"template":728},"ensuring-compliance","content:en-us:blog:ensuring-compliance.yml","Ensuring Compliance","en-us/blog/ensuring-compliance.yml","en-us/blog/ensuring-compliance",{"_path":3035,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3036,"content":3041,"config":3045,"_id":3047,"_type":16,"title":3048,"_source":17,"_file":3049,"_stem":3050,"_extension":20},"/en-us/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab",{"title":3037,"description":3038,"ogTitle":3037,"ogDescription":3038,"noIndex":6,"ogImage":2588,"ogUrl":3039,"ogSiteName":918,"ogType":919,"canonicalUrls":3039,"schema":3040},"Comply with NIST's secure software supply chain framework with GitLab","The U.S. government's Secure Software Development Framework has four key practices. GitLab's DevOps platform has features to address them all.","https://about.gitlab.com/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Comply with NIST's secure software supply chain framework with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sandra Gittlen\"}],\n \"datePublished\": \"2022-03-29\",\n }",{"title":3037,"description":3038,"authors":3042,"heroImage":2588,"date":3043,"category":14,"tags":3044},[2593],"2022-03-29",[573,542,14,185],{"slug":3046,"featured":6,"template":728},"comply-with-nist-secure-supply-chain-framework-with-gitlab","content:en-us:blog:comply-with-nist-secure-supply-chain-framework-with-gitlab.yml","Comply With Nist Secure Supply Chain Framework With Gitlab","en-us/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab.yml","en-us/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab",{"_path":3052,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3053,"content":3058,"config":3064,"_id":3066,"_type":16,"title":3067,"_source":17,"_file":3068,"_stem":3069,"_extension":20},"/en-us/blog/gitlab-rezilion-integration-reduces-vulnerability-backlog-identifies-exploitable-risks-to-fix",{"title":3054,"description":3055,"ogTitle":3054,"ogDescription":3055,"noIndex":6,"ogImage":2627,"ogUrl":3056,"ogSiteName":918,"ogType":919,"canonicalUrls":3056,"schema":3057},"Reducing vulnerability backlog with Rezilion and GitLab","The native integration helps developers detect and remediate vulnerabilities that are exploitable early on in the development process.","https://about.gitlab.com/blog/gitlab-rezilion-integration-reduces-vulnerability-backlog-identifies-exploitable-risks-to-fix","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab's integration with Rezilion reduces vulnerability backlog and identifies exploitable risks\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Baksheesh Singh Ghuman\"}],\n \"datePublished\": \"2022-03-23\",\n }",{"title":3059,"description":3055,"authors":3060,"heroImage":2627,"date":3062,"category":14,"tags":3063},"How GitLab's integration with Rezilion reduces vulnerability backlog and identifies exploitable risks",[3061],"Baksheesh Singh Ghuman","2022-03-23",[14,573,232,946],{"slug":3065,"featured":6,"template":728},"gitlab-rezilion-integration-reduces-vulnerability-backlog-identifies-exploitable-risks-to-fix","content:en-us:blog:gitlab-rezilion-integration-reduces-vulnerability-backlog-identifies-exploitable-risks-to-fix.yml","Gitlab Rezilion Integration Reduces Vulnerability Backlog Identifies Exploitable Risks To Fix","en-us/blog/gitlab-rezilion-integration-reduces-vulnerability-backlog-identifies-exploitable-risks-to-fix.yml","en-us/blog/gitlab-rezilion-integration-reduces-vulnerability-backlog-identifies-exploitable-risks-to-fix",{"_path":3071,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3072,"content":3077,"config":3081,"_id":3083,"_type":16,"title":3084,"_source":17,"_file":3085,"_stem":3086,"_extension":20},"/en-us/blog/action-weve-taken-in-response-to-potential-okta-breach",{"title":3073,"description":3074,"ogTitle":3073,"ogDescription":3074,"noIndex":6,"ogImage":2982,"ogUrl":3075,"ogSiteName":918,"ogType":919,"canonicalUrls":3075,"schema":3076},"Action we've taken in response to a potential Okta breach","Actions we've taken to investigate a potential Okta breach.","https://about.gitlab.com/blog/action-weve-taken-in-response-to-potential-okta-breach","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Action we've taken in response to a potential Okta breach\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"GitLab\"}],\n \"datePublished\": \"2022-03-22\",\n }",{"title":3073,"description":3074,"authors":3078,"heroImage":2982,"date":3079,"category":14,"tags":3080},[2988],"2022-03-22",[14],{"slug":3082,"featured":6,"template":728},"action-weve-taken-in-response-to-potential-okta-breach","content:en-us:blog:action-weve-taken-in-response-to-potential-okta-breach.yml","Action Weve Taken In Response To Potential Okta Breach","en-us/blog/action-weve-taken-in-response-to-potential-okta-breach.yml","en-us/blog/action-weve-taken-in-response-to-potential-okta-breach",{"_path":3088,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3089,"content":3094,"config":3099,"_id":3101,"_type":16,"title":3102,"_source":17,"_file":3103,"_stem":3104,"_extension":20},"/en-us/blog/security-hygiene-best-practices-for-gitlab-users",{"title":3090,"description":3091,"ogTitle":3090,"ogDescription":3091,"noIndex":6,"ogImage":2982,"ogUrl":3092,"ogSiteName":918,"ogType":919,"canonicalUrls":3092,"schema":3093},"Security hygiene best practices for GitLab users","Security hygiene measures that GitLab.com and Self-managed users should consider implementing.","https://about.gitlab.com/blog/security-hygiene-best-practices-for-gitlab-users","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Security hygiene best practices for GitLab users\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Johnathan Hunt\"}],\n \"datePublished\": \"2022-03-21\",\n }",{"title":3090,"description":3091,"authors":3095,"heroImage":2982,"date":3097,"category":14,"tags":3098},[3096],"Johnathan Hunt","2022-03-21",[14],{"slug":3100,"featured":6,"template":728},"security-hygiene-best-practices-for-gitlab-users","content:en-us:blog:security-hygiene-best-practices-for-gitlab-users.yml","Security Hygiene Best Practices For Gitlab Users","en-us/blog/security-hygiene-best-practices-for-gitlab-users.yml","en-us/blog/security-hygiene-best-practices-for-gitlab-users",{"_path":3106,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3107,"content":3112,"config":3116,"_id":3118,"_type":16,"title":3119,"_source":17,"_file":3120,"_stem":3121,"_extension":20},"/en-us/blog/how-gitlab-handles-security-bugs",{"title":3108,"description":3109,"ogTitle":3108,"ogDescription":3109,"noIndex":6,"ogImage":2551,"ogUrl":3110,"ogSiteName":918,"ogType":919,"canonicalUrls":3110,"schema":3111},"How GitLab handles security bugs (and why it matters)","Learn what makes our approach to handling and transparently disclosing security bugs unique.","https://about.gitlab.com/blog/how-gitlab-handles-security-bugs","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab handles security bugs (and why it matters)\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Nick Malcolm\"}],\n \"datePublished\": \"2022-02-17\",\n }",{"title":3108,"description":3109,"authors":3113,"heroImage":2551,"date":3114,"category":14,"tags":3115},[2574],"2022-02-17",[14],{"slug":3117,"featured":6,"template":728},"how-gitlab-handles-security-bugs","content:en-us:blog:how-gitlab-handles-security-bugs.yml","How Gitlab Handles Security Bugs","en-us/blog/how-gitlab-handles-security-bugs.yml","en-us/blog/how-gitlab-handles-security-bugs",{"_path":3123,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3124,"content":3130,"config":3138,"_id":3140,"_type":16,"title":3141,"_source":17,"_file":3142,"_stem":3143,"_extension":20},"/en-us/blog/a-community-driven-advisory-database",{"title":3125,"description":3126,"ogTitle":3125,"ogDescription":3126,"noIndex":6,"ogImage":3127,"ogUrl":3128,"ogSiteName":918,"ogType":919,"canonicalUrls":3128,"schema":3129},"Community-driven advisory database for dependencies launched","The advisory data can be readily adopted, adapted, and exchanged. Learn more here.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749668354/Blog/Hero%20Images/handshake.png","https://about.gitlab.com/blog/a-community-driven-advisory-database","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing a community-driven advisory database for third-party software dependencies\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Art\"},{\"@type\":\"Person\",\"name\":\"Dinesh Bolkensteyn\"},{\"@type\":\"Person\",\"name\":\"Isaac Dawson\"},{\"@type\":\"Person\",\"name\":\"Julian Thome\"}],\n \"datePublished\": \"2022-02-16\",\n }",{"title":3131,"description":3126,"authors":3132,"heroImage":3127,"date":3136,"category":14,"tags":3137},"Introducing a community-driven advisory database for third-party software dependencies",[3133,3134,3135,1334],"Mark Art","Dinesh Bolkensteyn","Isaac Dawson","2022-02-16",[14,1504],{"slug":3139,"featured":6,"template":728},"a-community-driven-advisory-database","content:en-us:blog:a-community-driven-advisory-database.yml","A Community Driven Advisory Database","en-us/blog/a-community-driven-advisory-database.yml","en-us/blog/a-community-driven-advisory-database",{"_path":3145,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3146,"content":3152,"config":3157,"_id":3159,"_type":16,"title":3160,"_source":17,"_file":3161,"_stem":3162,"_extension":20},"/en-us/blog/gitlabs-newest-continuous-compliance-features-bolster-software",{"title":3147,"description":3148,"ogTitle":3147,"ogDescription":3148,"noIndex":6,"ogImage":3149,"ogUrl":3150,"ogSiteName":918,"ogType":919,"canonicalUrls":3150,"schema":3151},"GitLab strengthens supply chain with compliance features","Business leaders and DevOps teams can continuously mitigate the risk of cloud-native environments and use guard rails to automate software compliance.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667466/Blog/Hero%20Images/GitLab-Sec.png","https://about.gitlab.com/blog/gitlabs-newest-continuous-compliance-features-bolster-software","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab’s newest continuous compliance features bolster software supply chain security\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Cindy Blake\"}],\n \"datePublished\": \"2022-02-09\",\n }",{"title":3153,"description":3148,"authors":3154,"heroImage":3149,"date":3155,"category":14,"tags":3156},"GitLab’s newest continuous compliance features bolster software supply chain security",[2725],"2022-02-09",[563,14,780],{"slug":3158,"featured":6,"template":728},"gitlabs-newest-continuous-compliance-features-bolster-software","content:en-us:blog:gitlabs-newest-continuous-compliance-features-bolster-software.yml","Gitlabs Newest Continuous Compliance Features Bolster Software","en-us/blog/gitlabs-newest-continuous-compliance-features-bolster-software.yml","en-us/blog/gitlabs-newest-continuous-compliance-features-bolster-software",{"_path":3164,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3165,"content":3171,"config":3175,"_id":3177,"_type":16,"title":3178,"_source":17,"_file":3179,"_stem":3180,"_extension":20},"/en-us/blog/graphql-vulnerability-api",{"title":3166,"description":3167,"ogTitle":3166,"ogDescription":3167,"noIndex":6,"ogImage":3168,"ogUrl":3169,"ogSiteName":918,"ogType":919,"canonicalUrls":3169,"schema":3170},"Using the GitLab GraphQL API for vulnerability reporting","Follow along as we teach you how to use GitLab GraphQL API to manage vulnerabilities programatically.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682219/Blog/Hero%20Images/jeremy-bishop-FzrlPh20l7Q-unsplash.jpg","https://about.gitlab.com/blog/graphql-vulnerability-api","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Using the GitLab GraphQL API for vulnerability reporting\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2022-02-02\",\n }",{"title":3166,"description":3167,"authors":3172,"heroImage":3168,"date":3173,"category":14,"tags":3174},[759],"2022-02-02",[563,14,764],{"slug":3176,"featured":6,"template":728},"graphql-vulnerability-api","content:en-us:blog:graphql-vulnerability-api.yml","Graphql Vulnerability Api","en-us/blog/graphql-vulnerability-api.yml","en-us/blog/graphql-vulnerability-api",{"_path":3182,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3183,"content":3189,"config":3194,"_id":3196,"_type":16,"title":3197,"_source":17,"_file":3198,"_stem":3199,"_extension":20},"/en-us/blog/securing-the-container-host-with-falco",{"title":3184,"description":3185,"ogTitle":3184,"ogDescription":3185,"noIndex":6,"ogImage":3186,"ogUrl":3187,"ogSiteName":918,"ogType":919,"canonicalUrls":3187,"schema":3188},"Detecting container host anomalies with GitLab and Falco","Learn how to install and use Falco to detect anomalies in your containers","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663383/Blog/Hero%20Images/tanuki-bg-full.png","https://about.gitlab.com/blog/securing-the-container-host-with-falco","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Detecting and alerting on anomalies in your container host with GitLab + Falco\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2022-01-20\",\n }",{"title":3190,"description":3185,"authors":3191,"heroImage":3186,"date":3192,"category":14,"tags":3193},"Detecting and alerting on anomalies in your container host with GitLab + Falco",[759],"2022-01-20",[14],{"slug":3195,"featured":6,"template":728},"securing-the-container-host-with-falco","content:en-us:blog:securing-the-container-host-with-falco.yml","Securing The Container Host With Falco","en-us/blog/securing-the-container-host-with-falco.yml","en-us/blog/securing-the-container-host-with-falco",{"_path":3201,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3202,"content":3207,"config":3211,"_id":3213,"_type":16,"title":3214,"_source":17,"_file":3215,"_stem":3216,"_extension":20},"/en-us/blog/elite-team-strategies-to-secure-software-supply-chains",{"title":3203,"description":3204,"ogTitle":3203,"ogDescription":3204,"noIndex":6,"ogImage":3149,"ogUrl":3205,"ogSiteName":918,"ogType":919,"canonicalUrls":3205,"schema":3206},"How elite DevOps teams secure the software supply chain","The time is now to integrate security into your DevOps processes - your business will be better for it.","https://about.gitlab.com/blog/elite-team-strategies-to-secure-software-supply-chains","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How elite DevOps teams secure the software supply chain\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Sandra Gittlen\"}],\n \"datePublished\": \"2022-01-06\",\n }",{"title":3203,"description":3204,"authors":3208,"heroImage":3149,"date":3209,"category":14,"tags":3210},[2593],"2022-01-06",[563,14,965],{"slug":3212,"featured":6,"template":728},"elite-team-strategies-to-secure-software-supply-chains","content:en-us:blog:elite-team-strategies-to-secure-software-supply-chains.yml","Elite Team Strategies To Secure Software Supply Chains","en-us/blog/elite-team-strategies-to-secure-software-supply-chains.yml","en-us/blog/elite-team-strategies-to-secure-software-supply-chains",{"_path":3218,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3219,"content":3225,"config":3229,"_id":3231,"_type":16,"title":3232,"_source":17,"_file":3233,"_stem":3234,"_extension":20},"/en-us/blog/gitlab-security-twenty-twenty-one",{"title":3220,"description":3221,"ogTitle":3220,"ogDescription":3221,"noIndex":6,"ogImage":3222,"ogUrl":3223,"ogSiteName":918,"ogType":919,"canonicalUrls":3223,"schema":3224},"GitLab Security in 2021: protect, enhance, certify and strengthen","Join our Security team as we review how we worked to keep GitLab, and our community, secure this past year.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670795/Blog/Hero%20Images/security-year-in-review-2021.png","https://about.gitlab.com/blog/gitlab-security-twenty-twenty-one","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab Security in 2021: protect, enhance, certify and strengthen\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Johnathan Hunt\"}],\n \"datePublished\": \"2021-12-17\",\n }",{"title":3220,"description":3221,"authors":3226,"heroImage":3222,"date":3227,"category":14,"tags":3228},[3096],"2021-12-17",[14],{"slug":3230,"featured":6,"template":728},"gitlab-security-twenty-twenty-one","content:en-us:blog:gitlab-security-twenty-twenty-one.yml","Gitlab Security Twenty Twenty One","en-us/blog/gitlab-security-twenty-twenty-one.yml","en-us/blog/gitlab-security-twenty-twenty-one",{"_path":3236,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3237,"content":3242,"config":3247,"_id":3249,"_type":16,"title":3250,"_source":17,"_file":3251,"_stem":3252,"_extension":20},"/en-us/blog/updates-and-actions-to-address-logj-in-gitlab",{"title":3238,"description":3239,"ogTitle":3238,"ogDescription":3239,"noIndex":6,"ogImage":2982,"ogUrl":3240,"ogSiteName":918,"ogType":919,"canonicalUrls":3240,"schema":3241},"GitLab addresses Log4j vulnerabilities with security updates","Actions we’ve taken to investigate and mitigate the impact of Log4j, and actions our users can take.","https://about.gitlab.com/blog/updates-and-actions-to-address-logj-in-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Updates and actions to address Log4j CVE 2021 44228 and CVE 2021 45046 in GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"GitLab\"}],\n \"datePublished\": \"2021-12-15\",\n }",{"title":3243,"description":3239,"authors":3244,"heroImage":2982,"date":3245,"category":14,"tags":3246},"Updates and actions to address Log4j CVE 2021 44228 and CVE 2021 45046 in GitLab",[2988],"2021-12-15",[14],{"slug":3248,"featured":6,"template":728},"updates-and-actions-to-address-logj-in-gitlab","content:en-us:blog:updates-and-actions-to-address-logj-in-gitlab.yml","Updates And Actions To Address Logj In Gitlab","en-us/blog/updates-and-actions-to-address-logj-in-gitlab.yml","en-us/blog/updates-and-actions-to-address-logj-in-gitlab",{"_path":3254,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3255,"content":3261,"config":3268,"_id":3270,"_type":16,"title":3271,"_source":17,"_file":3272,"_stem":3273,"_extension":20},"/en-us/blog/how-gitlab-successfully-expanded-our-soc-2-type-ii-trust-services-report-criteria",{"title":3256,"description":3257,"ogTitle":3256,"ogDescription":3257,"noIndex":6,"ogImage":3258,"ogUrl":3259,"ogSiteName":918,"ogType":919,"canonicalUrls":3259,"schema":3260},"GitLab expands SOC 2 Type II trust services report criteria","Here's how we expanded our SOC 2 Type 2 and SOC 3 reports.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749669950/Blog/Hero%20Images/security-cameras.jpg","https://about.gitlab.com/blog/how-gitlab-successfully-expanded-our-soc-2-type-ii-trust-services-report-criteria","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab successfully expanded our SOC 2 Type II Trust Services Report Criteria\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Julia Lake\"},{\"@type\":\"Person\",\"name\":\"Liz Coleman\"}],\n \"datePublished\": \"2021-12-14\",\n }",{"title":3262,"description":3257,"authors":3263,"heroImage":3258,"date":3265,"category":14,"tags":3266},"How GitLab successfully expanded our SOC 2 Type II Trust Services Report Criteria",[3264,2083],"Julia Lake","2021-12-14",[14,1989,3267],"growth",{"slug":3269,"featured":6,"template":728},"how-gitlab-successfully-expanded-our-soc-2-type-ii-trust-services-report-criteria","content:en-us:blog:how-gitlab-successfully-expanded-our-soc-2-type-ii-trust-services-report-criteria.yml","How Gitlab Successfully Expanded Our Soc 2 Type Ii Trust Services Report Criteria","en-us/blog/how-gitlab-successfully-expanded-our-soc-2-type-ii-trust-services-report-criteria.yml","en-us/blog/how-gitlab-successfully-expanded-our-soc-2-type-ii-trust-services-report-criteria",{"_path":3275,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3276,"content":3282,"config":3285,"_id":3287,"_type":16,"title":3288,"_source":17,"_file":3289,"_stem":3290,"_extension":20},"/en-us/blog/smashing-bugs-and-dropping-names-in-2021",{"title":3277,"description":3278,"ogTitle":3277,"ogDescription":3278,"noIndex":6,"ogImage":3279,"ogUrl":3280,"ogSiteName":918,"ogType":919,"canonicalUrls":3280,"schema":3281},"2021: Smashing bugs and dropping names","We take a look at some of the big things that happened in our Bug Bounty program this last year and celebrate the contributions of the bug bounty hunters who make it all possible.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670978/Blog/Hero%20Images/3-bug-bounty-3-years-blog.png","https://about.gitlab.com/blog/smashing-bugs-and-dropping-names-in-2021","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"2021: Smashing bugs and dropping names\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2021-12-14\",\n }",{"title":3277,"description":3278,"authors":3283,"heroImage":3279,"date":3265,"category":14,"tags":3284},[2744],[14,1041],{"slug":3286,"featured":6,"template":728},"smashing-bugs-and-dropping-names-in-2021","content:en-us:blog:smashing-bugs-and-dropping-names-in-2021.yml","Smashing Bugs And Dropping Names In 2021","en-us/blog/smashing-bugs-and-dropping-names-in-2021.yml","en-us/blog/smashing-bugs-and-dropping-names-in-2021",{"_path":3292,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3293,"content":3299,"config":3304,"_id":3306,"_type":16,"title":3307,"_source":17,"_file":3308,"_stem":3309,"_extension":20},"/en-us/blog/gitlab-technical-certification-award-wins",{"title":3294,"description":3295,"ogTitle":3294,"ogDescription":3295,"noIndex":6,"ogImage":3296,"ogUrl":3297,"ogSiteName":918,"ogType":919,"canonicalUrls":3297,"schema":3298},"GitLab Technical Certifications program wins 5 awards at LearnX Conference","GitLab's Tech Certification programs won 5 different awards at this year's LearnX conference.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663397/Blog/Hero%20Images/logoforblogpost.jpg","https://about.gitlab.com/blog/gitlab-technical-certification-award-wins","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab Technical Certifications program wins 5 awards at LearnX Conference\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Kendra Marquart\"}],\n \"datePublished\": \"2021-12-03\",\n }",{"title":3294,"description":3295,"authors":3300,"heroImage":3296,"date":3302,"category":14,"tags":3303},[3301],"Kendra Marquart","2021-12-03",[780,839,268],{"slug":3305,"featured":6,"template":728},"gitlab-technical-certification-award-wins","content:en-us:blog:gitlab-technical-certification-award-wins.yml","Gitlab Technical Certification Award Wins","en-us/blog/gitlab-technical-certification-award-wins.yml","en-us/blog/gitlab-technical-certification-award-wins",{"_path":3311,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3312,"content":3318,"config":3323,"_id":3325,"_type":16,"title":3326,"_source":17,"_file":3327,"_stem":3328,"_extension":20},"/en-us/blog/three-things-you-might-not-know-about-gitlab-security",{"title":3313,"description":3314,"ogTitle":3313,"ogDescription":3314,"noIndex":6,"ogImage":3315,"ogUrl":3316,"ogSiteName":918,"ogType":919,"canonicalUrls":3316,"schema":3317},"Three things you might not know about GitLab security","There's so much more to GitLab's security offering than meets the eye. Here are three features you may have missed.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667202/Blog/Hero%20Images/gitlabultimatesecurity.jpg","https://about.gitlab.com/blog/three-things-you-might-not-know-about-gitlab-security","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Three things you might not know about GitLab security\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Matt Wilson\"}],\n \"datePublished\": \"2021-11-23\",\n }",{"title":3313,"description":3314,"authors":3319,"heroImage":3315,"date":3321,"category":14,"tags":3322},[3320],"Matt Wilson","2021-11-23",[563,14,780],{"slug":3324,"featured":6,"template":728},"three-things-you-might-not-know-about-gitlab-security","content:en-us:blog:three-things-you-might-not-know-about-gitlab-security.yml","Three Things You Might Not Know About Gitlab Security","en-us/blog/three-things-you-might-not-know-about-gitlab-security.yml","en-us/blog/three-things-you-might-not-know-about-gitlab-security",{"_path":3330,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3331,"content":3337,"config":3346,"_id":3348,"_type":16,"title":3349,"_source":17,"_file":3350,"_stem":3351,"_extension":20},"/en-us/blog/deep-dive-tech-stack-behind-spamcheck",{"title":3332,"description":3333,"ogTitle":3332,"ogDescription":3333,"noIndex":6,"ogImage":3334,"ogUrl":3335,"ogSiteName":918,"ogType":919,"canonicalUrls":3335,"schema":3336},"Deep dive: the tech stack behind Spamcheck","We take a closer look at the tooling, technical choices, metrics and lessons learned behind our new anti-abuse tool.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749669851/Blog/Hero%20Images/vincent-toesca-KnK98ScsZbU-unsplash.jpg","https://about.gitlab.com/blog/deep-dive-tech-stack-behind-spamcheck","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Deep dive: the tech stack behind Spamcheck\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Jayson Salazar\"},{\"@type\":\"Person\",\"name\":\"Alexander Dietrich\"},{\"@type\":\"Person\",\"name\":\"Alex Groleau\"},{\"@type\":\"Person\",\"name\":\"Ethan Urie\"},{\"@type\":\"Person\",\"name\":\"Juliet Wanjohi\"}],\n \"datePublished\": \"2021-11-18\",\n }",{"title":3332,"description":3333,"authors":3338,"heroImage":3334,"date":3344,"category":14,"tags":3345},[3339,3340,3341,3342,3343],"Jayson Salazar","Alexander Dietrich","Alex Groleau","Ethan Urie","Juliet Wanjohi","2021-11-18",[14],{"slug":3347,"featured":6,"template":728},"deep-dive-tech-stack-behind-spamcheck","content:en-us:blog:deep-dive-tech-stack-behind-spamcheck.yml","Deep Dive Tech Stack Behind Spamcheck","en-us/blog/deep-dive-tech-stack-behind-spamcheck.yml","en-us/blog/deep-dive-tech-stack-behind-spamcheck",{"_path":3353,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3354,"content":3360,"config":3365,"_id":3367,"_type":16,"title":3368,"_source":17,"_file":3369,"_stem":3370,"_extension":20},"/en-us/blog/top-five-actions-owasp-2021",{"title":3355,"description":3356,"ogTitle":3355,"ogDescription":3356,"noIndex":6,"ogImage":3357,"ogUrl":3358,"ogSiteName":918,"ogType":919,"canonicalUrls":3358,"schema":3359},"Five key actions to take based on OWASP Top 10 2021 updates","Learn what actions engineers should take based on the OWASP Top 10 updates for 2021","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749684879/Blog/Hero%20Images/joshua-golde-qIu77BsFdds-unsplash.jpg","https://about.gitlab.com/blog/top-five-actions-owasp-2021","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Top five actions engineers should take based on the OWASP Top 10 2021 security updates\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Wayne Haber\"}],\n \"datePublished\": \"2021-11-15\",\n }",{"title":3361,"description":3356,"authors":3362,"heroImage":3357,"date":3364,"category":14},"Top five actions engineers should take based on the OWASP Top 10 2021 security updates",[3363],"Wayne Haber","2021-11-15",{"slug":3366,"featured":6,"template":728},"top-five-actions-owasp-2021","content:en-us:blog:top-five-actions-owasp-2021.yml","Top Five Actions Owasp 2021","en-us/blog/top-five-actions-owasp-2021.yml","en-us/blog/top-five-actions-owasp-2021",{"_path":3372,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3373,"content":3378,"config":3382,"_id":3384,"_type":16,"title":3385,"_source":17,"_file":3386,"_stem":3387,"_extension":20},"/en-us/blog/action-needed-in-response-to-cve2021-22205",{"title":3374,"description":3375,"ogTitle":3374,"ogDescription":3375,"noIndex":6,"ogImage":2982,"ogUrl":3376,"ogSiteName":918,"ogType":919,"canonicalUrls":3376,"schema":3377},"Action needed by self-managed customers in response to CVE-2021-22205","Self-managed users using outdated versions should update immediately.","https://about.gitlab.com/blog/action-needed-in-response-to-cve2021-22205","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Action needed by self-managed customers in response to CVE-2021-22205\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"GitLab\"}],\n \"datePublished\": \"2021-11-04\",\n }",{"title":3374,"description":3375,"authors":3379,"heroImage":2982,"date":3380,"category":14,"tags":3381},[2988],"2021-11-04",[14],{"slug":3383,"featured":6,"template":728},"action-needed-in-response-to-cve2021-22205","content:en-us:blog:action-needed-in-response-to-cve2021-22205.yml","Action Needed In Response To Cve2021 22205","en-us/blog/action-needed-in-response-to-cve2021-22205.yml","en-us/blog/action-needed-in-response-to-cve2021-22205",{"_path":3389,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3390,"content":3396,"config":3400,"_id":3402,"_type":16,"title":3403,"_source":17,"_file":3404,"_stem":3405,"_extension":20},"/en-us/blog/3rd-annual-bug-bounty-contest",{"title":3391,"description":3392,"ogTitle":3391,"ogDescription":3392,"noIndex":6,"ogImage":3393,"ogUrl":3394,"ogSiteName":918,"ogType":919,"canonicalUrls":3394,"schema":3395},"Our 3rd annual bug bounty contest: the swagtastic sequel to the sequel","We’re running a bug bounty contest November 1 thru December 3. Find a bug and be entered to win some sweet custom swag. What’s better than a contest? Increased bounty ranges!","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670997/Blog/Hero%20Images/BB-3rd-Anniversary-blog-header.png","https://about.gitlab.com/blog/3rd-annual-bug-bounty-contest","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Our 3rd annual bug bounty contest: the swagtastic sequel to the sequel\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2021-11-01\",\n }",{"title":3391,"description":3392,"authors":3397,"heroImage":3393,"date":3398,"category":14,"tags":3399},[2744],"2021-11-01",[14,1041],{"slug":3401,"featured":6,"template":728},"3rd-annual-bug-bounty-contest","content:en-us:blog:3rd-annual-bug-bounty-contest.yml","3rd Annual Bug Bounty Contest","en-us/blog/3rd-annual-bug-bounty-contest.yml","en-us/blog/3rd-annual-bug-bounty-contest",{"_path":3407,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3408,"content":3414,"config":3419,"_id":3421,"_type":16,"title":3422,"_source":17,"_file":3423,"_stem":3424,"_extension":20},"/en-us/blog/how-were-using-dast2-for-easier-scan-configuration",{"title":3409,"description":3410,"ogTitle":3409,"ogDescription":3410,"noIndex":6,"ogImage":3411,"ogUrl":3412,"ogSiteName":918,"ogType":919,"canonicalUrls":3412,"schema":3413},"How we’re using DAST 2 for easier scan configuration and reduced noise","Our security team upgraded to GitLab’s DAST 2. Here’s how and why we did it.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682167/Blog/Hero%20Images/pexels-chernaya-575.jpg","https://about.gitlab.com/blog/how-were-using-dast2-for-easier-scan-configuration","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How we’re using DAST 2 for easier scan configuration and reduced noise\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Nikhil George\"}],\n \"datePublished\": \"2021-10-27\",\n }",{"title":3409,"description":3410,"authors":3415,"heroImage":3411,"date":3417,"category":14,"tags":3418},[3416],"Nikhil George","2021-10-27",[14],{"slug":3420,"featured":6,"template":728},"how-were-using-dast2-for-easier-scan-configuration","content:en-us:blog:how-were-using-dast2-for-easier-scan-configuration.yml","How Were Using Dast2 For Easier Scan Configuration","en-us/blog/how-were-using-dast2-for-easier-scan-configuration.yml","en-us/blog/how-were-using-dast2-for-easier-scan-configuration",{"_path":3426,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3427,"content":3432,"config":3435,"_id":3437,"_type":16,"title":3438,"_source":17,"_file":3439,"_stem":3440,"_extension":20},"/en-us/blog/notice-for-gitkraken-users-with-gitlab",{"title":3428,"description":3429,"ogTitle":3428,"ogDescription":3429,"noIndex":6,"ogImage":2982,"ogUrl":3430,"ogSiteName":918,"ogType":919,"canonicalUrls":3430,"schema":3431},"Notice for GitKraken users with GitLab","How we responded to Axosoft’s GitKraken software vulnerability affecting SSH keys and actions users should take.","https://about.gitlab.com/blog/notice-for-gitkraken-users-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Notice for GitKraken users with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"GitLab\"}],\n \"datePublished\": \"2021-10-11\",\n }",{"title":3428,"description":3429,"authors":3433,"heroImage":2982,"date":3434,"category":14},[2988],"2021-10-11",{"slug":3436,"featured":6,"template":728},"notice-for-gitkraken-users-with-gitlab","content:en-us:blog:notice-for-gitkraken-users-with-gitlab.yml","Notice For Gitkraken Users With Gitlab","en-us/blog/notice-for-gitkraken-users-with-gitlab.yml","en-us/blog/notice-for-gitkraken-users-with-gitlab",{"_path":3442,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3443,"content":3449,"config":3453,"_id":3455,"_type":16,"title":3456,"_source":17,"_file":3457,"_stem":3458,"_extension":20},"/en-us/blog/threat-modeling-kubernetes-agent",{"title":3444,"description":3445,"ogTitle":3444,"ogDescription":3445,"noIndex":6,"ogImage":3446,"ogUrl":3447,"ogSiteName":918,"ogType":919,"canonicalUrls":3447,"schema":3448},"Threat modeling the Kubernetes Agent: from MVC to continuous improvement","Learn how we put our threat model into action iteratively and expanded the\nprocess into a full-fledged standalone activity.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682156/Blog/Hero%20Images/pexels-jesus-miron-garcia-3043592.jpg","https://about.gitlab.com/blog/threat-modeling-kubernetes-agent","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Threat modeling the Kubernetes Agent: from MVC to continuous improvement\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Vitor Meireles De Sousa\"}],\n \"datePublished\": \"2021-10-11\",\n }",{"title":3444,"description":3445,"authors":3450,"heroImage":3446,"date":3434,"category":14,"tags":3452},[3451],"Vitor Meireles De Sousa",[14],{"slug":3454,"featured":6,"template":728},"threat-modeling-kubernetes-agent","content:en-us:blog:threat-modeling-kubernetes-agent.yml","Threat Modeling Kubernetes Agent","en-us/blog/threat-modeling-kubernetes-agent.yml","en-us/blog/threat-modeling-kubernetes-agent",{"_path":3460,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3461,"content":3466,"config":3470,"_id":3472,"_type":16,"title":3473,"_source":17,"_file":3474,"_stem":3475,"_extension":20},"/en-us/blog/generic-semantic-version-processing",{"title":3462,"description":3463,"ogTitle":3462,"ogDescription":3463,"noIndex":6,"ogImage":3296,"ogUrl":3464,"ogSiteName":918,"ogType":919,"canonicalUrls":3464,"schema":3465},"SemVer versioning: how we handled it with linear interval arithmetic","SemVer versioning made it difficult to automate processing. We turned to linear interval arithmetic to come up with a unified, language-agnostic semantic versioning approach.","https://about.gitlab.com/blog/generic-semantic-version-processing","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"SemVer versioning: how we handled it with linear interval arithmetic\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Julian Thome\"}],\n \"datePublished\": \"2021-09-28\",\n }",{"title":3462,"description":3463,"authors":3467,"heroImage":3296,"date":3468,"category":14,"tags":3469},[1334],"2021-09-28",[14,563,1096],{"slug":3471,"featured":6,"template":728},"generic-semantic-version-processing","content:en-us:blog:generic-semantic-version-processing.yml","Generic Semantic Version Processing","en-us/blog/generic-semantic-version-processing.yml","en-us/blog/generic-semantic-version-processing",{"_path":3477,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3478,"content":3484,"config":3492,"_id":3494,"_type":16,"title":3495,"_source":17,"_file":3496,"_stem":3497,"_extension":20},"/en-us/blog/write-vulnerability-detection-rules",{"title":3479,"description":3480,"ogTitle":3479,"ogDescription":3480,"noIndex":6,"ogImage":3481,"ogUrl":3482,"ogSiteName":918,"ogType":919,"canonicalUrls":3482,"schema":3483},"How to write and continuously test vulnerability detection rules for SAST","Interns with the Google Summer of Code helped GitLab transition from our old SAST tools to Semgrep.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667819/Blog/Hero%20Images/anomaly-detection-cover.png","https://about.gitlab.com/blog/write-vulnerability-detection-rules","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to write and continuously test vulnerability detection rules for SAST\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Ross Fuhrman\"},{\"@type\":\"Person\",\"name\":\"Anshuman Singh\"},{\"@type\":\"Person\",\"name\":\"Julian Thome\"}],\n \"datePublished\": \"2021-09-08\",\n }",{"title":3479,"description":3480,"authors":3485,"heroImage":3481,"date":3488,"category":14,"tags":3489},[3486,3487,1334],"Ross Fuhrman","Anshuman Singh","2021-09-08",[14,3490,3491],"AWS","demo",{"slug":3493,"featured":6,"template":728},"write-vulnerability-detection-rules","content:en-us:blog:write-vulnerability-detection-rules.yml","Write Vulnerability Detection Rules","en-us/blog/write-vulnerability-detection-rules.yml","en-us/blog/write-vulnerability-detection-rules",{"_path":3499,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3500,"content":3506,"config":3510,"_id":3512,"_type":16,"title":3513,"_source":17,"_file":3514,"_stem":3515,"_extension":20},"/en-us/blog/why-are-developers-vulnerable-to-driveby-attacks",{"title":3501,"description":3502,"ogTitle":3501,"ogDescription":3502,"noIndex":6,"ogImage":3503,"ogUrl":3504,"ogSiteName":918,"ogType":919,"canonicalUrls":3504,"schema":3505},"Why are developers so vulnerable to drive-by attacks?","The complexity of developer working environments make them more likely to be vulnerable to a drive-by attack. We talk about why and walk you through a real-life example from a recent disclosure here at GitLab, and provide tips to reduce the risk and impact of drive-by attacks.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682986/Blog/Hero%20Images/pexels-pixabay-434450.jpg","https://about.gitlab.com/blog/why-are-developers-vulnerable-to-driveby-attacks","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Why are developers so vulnerable to drive-by attacks?\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Chris Moberly\"}],\n \"datePublished\": \"2021-09-07\",\n }",{"title":3501,"description":3502,"authors":3507,"heroImage":3503,"date":3508,"category":14,"tags":3509},[1131],"2021-09-07",[14],{"slug":3511,"featured":6,"template":728},"why-are-developers-vulnerable-to-driveby-attacks","content:en-us:blog:why-are-developers-vulnerable-to-driveby-attacks.yml","Why Are Developers Vulnerable To Driveby Attacks","en-us/blog/why-are-developers-vulnerable-to-driveby-attacks.yml","en-us/blog/why-are-developers-vulnerable-to-driveby-attacks",{"_path":3517,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3518,"content":3524,"config":3529,"_id":3531,"_type":16,"title":3532,"_source":17,"_file":3533,"_stem":3534,"_extension":20},"/en-us/blog/secure-pipeline-with-single-sign-in",{"title":3519,"description":3520,"ogTitle":3519,"ogDescription":3520,"noIndex":6,"ogImage":3521,"ogUrl":3522,"ogSiteName":918,"ogType":919,"canonicalUrls":3522,"schema":3523},"How to secure your software build pipeline using code signing","The Venafi plugin for GitLab enables single sign-on and digital signatures to better secure your app.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682125/Blog/Hero%20Images/venafi_coverimage.jpg","https://about.gitlab.com/blog/secure-pipeline-with-single-sign-in","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to secure your software build pipeline using code signing\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Eddie Glenn\"}],\n \"datePublished\": \"2021-08-30\",\n }",{"title":3519,"description":3520,"authors":3525,"heroImage":3521,"date":3527,"category":14,"tags":3528},[3526],"Eddie Glenn","2021-08-30",[14],{"slug":3530,"featured":6,"template":728},"secure-pipeline-with-single-sign-in","content:en-us:blog:secure-pipeline-with-single-sign-in.yml","Secure Pipeline With Single Sign In","en-us/blog/secure-pipeline-with-single-sign-in.yml","en-us/blog/secure-pipeline-with-single-sign-in",{"_path":3536,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3537,"content":3543,"config":3547,"_id":3549,"_type":16,"title":3550,"_source":17,"_file":3551,"_stem":3552,"_extension":20},"/en-us/blog/introducing-spamcheck-data-driven-anti-abuse",{"title":3538,"description":3539,"ogTitle":3538,"ogDescription":3539,"noIndex":6,"ogImage":3540,"ogUrl":3541,"ogSiteName":918,"ogType":919,"canonicalUrls":3541,"schema":3542},"Introducing Spamcheck: A data-driven, anti-abuse engine","How we built, tested and deployed a new tool on GitLab that fights spam and abuse.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749669841/Blog/Hero%20Images/lionello-delpiccolo-unsplash.jpg","https://about.gitlab.com/blog/introducing-spamcheck-data-driven-anti-abuse","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing Spamcheck: A data-driven, anti-abuse engine\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Jayson Salazar\"},{\"@type\":\"Person\",\"name\":\"Alexander Dietrich\"},{\"@type\":\"Person\",\"name\":\"Alex Groleau\"},{\"@type\":\"Person\",\"name\":\"Ethan Urie\"},{\"@type\":\"Person\",\"name\":\"Juliet Wanjohi\"}],\n \"datePublished\": \"2021-08-19\",\n }",{"title":3538,"description":3539,"authors":3544,"heroImage":3540,"date":3545,"category":14,"tags":3546},[3339,3340,3341,3342,3343],"2021-08-19",[14],{"slug":3548,"featured":6,"template":728},"introducing-spamcheck-data-driven-anti-abuse","content:en-us:blog:introducing-spamcheck-data-driven-anti-abuse.yml","Introducing Spamcheck Data Driven Anti Abuse","en-us/blog/introducing-spamcheck-data-driven-anti-abuse.yml","en-us/blog/introducing-spamcheck-data-driven-anti-abuse",{"_path":3554,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3555,"content":3561,"config":3566,"_id":3568,"_type":16,"title":3569,"_source":17,"_file":3570,"_stem":3571,"_extension":20},"/en-us/blog/what-the-solarwinds-attack-can-teach-us-about-devsecops",{"title":3556,"description":3557,"ogTitle":3556,"ogDescription":3557,"noIndex":6,"ogImage":3558,"ogUrl":3559,"ogSiteName":918,"ogType":919,"canonicalUrls":3559,"schema":3560},"How DevSecOps can protect businesses from future supply chain attacks","Learn how GitLab's all-in-one DevSecOps solution can help businesses keep their supply chains secure.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749669522/Blog/Hero%20Images/solarpanels.jpg","https://about.gitlab.com/blog/what-the-solarwinds-attack-can-teach-us-about-devsecops","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How DevSecOps can protect businesses from future supply chain attacks\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Pedro Fortuna\"},{\"@type\":\"Person\",\"name\":\"Sam Kerr\"}],\n \"datePublished\": \"2021-08-18\",\n }",{"title":3556,"description":3557,"authors":3562,"heroImage":3558,"date":3564,"category":14,"tags":3565},[3563,2895],"Pedro Fortuna","2021-08-18",[563,14,232],{"slug":3567,"featured":6,"template":728},"what-the-solarwinds-attack-can-teach-us-about-devsecops","content:en-us:blog:what-the-solarwinds-attack-can-teach-us-about-devsecops.yml","What The Solarwinds Attack Can Teach Us About Devsecops","en-us/blog/what-the-solarwinds-attack-can-teach-us-about-devsecops.yml","en-us/blog/what-the-solarwinds-attack-can-teach-us-about-devsecops",{"_path":3573,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3574,"content":3580,"config":3585,"_id":3587,"_type":16,"title":3588,"_source":17,"_file":3589,"_stem":3590,"_extension":20},"/en-us/blog/announcing-package-hunter",{"title":3575,"description":3576,"ogTitle":3575,"ogDescription":3576,"noIndex":6,"ogImage":3577,"ogUrl":3578,"ogSiteName":918,"ogType":919,"canonicalUrls":3578,"schema":3579},"Package Hunter: Detect malicious code in dependencies","We developed, tested and open sourced a new tool to analyze program dependencies and protect the supply chain.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682075/Blog/Hero%20Images/package-hunter.png","https://about.gitlab.com/blog/announcing-package-hunter","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Meet Package Hunter: A tool for detecting malicious code in your dependencies\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Dennis Appelt\"}],\n \"datePublished\": \"2021-07-23\",\n }",{"title":3581,"description":3576,"authors":3582,"heroImage":3577,"date":3583,"category":14,"tags":3584},"Meet Package Hunter: A tool for detecting malicious code in your dependencies",[2045],"2021-07-23",[14,1337],{"slug":3586,"featured":6,"template":728},"announcing-package-hunter","content:en-us:blog:announcing-package-hunter.yml","Announcing Package Hunter","en-us/blog/announcing-package-hunter.yml","en-us/blog/announcing-package-hunter",{"_path":3592,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3593,"content":3599,"config":3603,"_id":3605,"_type":16,"title":3606,"_source":17,"_file":3607,"_stem":3608,"_extension":20},"/en-us/blog/creating-a-threat-model-that-works-for-gitlab",{"title":3594,"description":3595,"ogTitle":3594,"ogDescription":3595,"noIndex":6,"ogImage":3596,"ogUrl":3597,"ogSiteName":918,"ogType":919,"canonicalUrls":3597,"schema":3598},"How we’re creating a threat model framework that works for GitLab","As usual, we’re creating our own path in how we handle our threat modeling, approaching development both iteratively and collaboratively, and seriously shifting left with our framework and processes.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682058/Blog/Hero%20Images/pexels-nathan-j-hilton.jpg","https://about.gitlab.com/blog/creating-a-threat-model-that-works-for-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How we’re creating a threat model framework that works for GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2021-07-09\",\n }",{"title":3594,"description":3595,"authors":3600,"heroImage":3596,"date":3601,"category":14,"tags":3602},[1747],"2021-07-09",[14,839,1337],{"slug":3604,"featured":6,"template":728},"creating-a-threat-model-that-works-for-gitlab","content:en-us:blog:creating-a-threat-model-that-works-for-gitlab.yml","Creating A Threat Model That Works For Gitlab","en-us/blog/creating-a-threat-model-that-works-for-gitlab.yml","en-us/blog/creating-a-threat-model-that-works-for-gitlab",{"_path":3610,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3611,"content":3616,"config":3620,"_id":3622,"_type":16,"title":3623,"_source":17,"_file":3624,"_stem":3625,"_extension":20},"/en-us/blog/two-bugs-and-a-quick-fix-in-gitpod",{"title":3612,"description":3613,"ogTitle":3612,"ogDescription":3613,"noIndex":6,"ogImage":2532,"ogUrl":3614,"ogSiteName":918,"ogType":919,"canonicalUrls":3614,"schema":3615},"A brief look at Gitpod, two bugs, and a quick fix","Our security researcher takes a look at Gitpod and finds some access tokens under the carpet.","https://about.gitlab.com/blog/two-bugs-and-a-quick-fix-in-gitpod","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"A brief look at Gitpod, two bugs, and a quick fix\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joern Schneeweisz\"}],\n \"datePublished\": \"2021-07-08\",\n }",{"title":3612,"description":3613,"authors":3617,"heroImage":2532,"date":3618,"category":14,"tags":3619},[2537],"2021-07-08",[14,1337],{"slug":3621,"featured":6,"template":728},"two-bugs-and-a-quick-fix-in-gitpod","content:en-us:blog:two-bugs-and-a-quick-fix-in-gitpod.yml","Two Bugs And A Quick Fix In Gitpod","en-us/blog/two-bugs-and-a-quick-fix-in-gitpod.yml","en-us/blog/two-bugs-and-a-quick-fix-in-gitpod",{"_path":3627,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3628,"content":3634,"config":3638,"_id":3640,"_type":16,"title":3641,"_source":17,"_file":3642,"_stem":3643,"_extension":20},"/en-us/blog/how-i-use-gitlab-to-help-my-hack",{"title":3629,"description":3630,"ogTitle":3629,"ogDescription":3630,"noIndex":6,"ogImage":3631,"ogUrl":3632,"ogSiteName":918,"ogType":919,"canonicalUrls":3632,"schema":3633},"How do bug bounty hunters use GitLab to help their hack?","We know GitLab is a complete open source DevOps platform, but can it improve your hack? We chat with three bug bounty hunters to find out.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670944/Blog/Hero%20Images/gitlab-to-help-my-hack.png","https://about.gitlab.com/blog/how-i-use-gitlab-to-help-my-hack","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How do bug bounty hunters use GitLab to help their hack?\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2021-06-11\",\n }",{"title":3629,"description":3630,"authors":3635,"heroImage":3631,"date":3636,"category":14,"tags":3637},[2744],"2021-06-11",[14,1041,268],{"slug":3639,"featured":6,"template":728},"how-i-use-gitlab-to-help-my-hack","content:en-us:blog:how-i-use-gitlab-to-help-my-hack.yml","How I Use Gitlab To Help My Hack","en-us/blog/how-i-use-gitlab-to-help-my-hack.yml","en-us/blog/how-i-use-gitlab-to-help-my-hack",{"_path":3645,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3646,"content":3652,"config":3656,"_id":3658,"_type":16,"title":3659,"_source":17,"_file":3660,"_stem":3661,"_extension":20},"/en-us/blog/deep-dive-investigation-of-gitlab-packages",{"title":3647,"description":3648,"ogTitle":3647,"ogDescription":3648,"noIndex":6,"ogImage":3649,"ogUrl":3650,"ogSiteName":918,"ogType":919,"canonicalUrls":3650,"schema":3651},"A deep dive into how we investigate and secure GitLab packages","Supply chain attacks aren't new, but that doesn't mean extra vigilance and protection aren't needed. We take a look at how we secure our packages and registries.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682004/Blog/Hero%20Images/gabriel-sollmann-unsplash.jpg","https://about.gitlab.com/blog/deep-dive-investigation-of-gitlab-packages","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"A deep dive into how we investigate and secure GitLab packages\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Vitor Meireles De Sousa\"}],\n \"datePublished\": \"2021-05-27\",\n }",{"title":3647,"description":3648,"authors":3653,"heroImage":3649,"date":3654,"category":14,"tags":3655},[3451],"2021-05-27",[14,839],{"slug":3657,"featured":6,"template":728},"deep-dive-investigation-of-gitlab-packages","content:en-us:blog:deep-dive-investigation-of-gitlab-packages.yml","Deep Dive Investigation Of Gitlab Packages","en-us/blog/deep-dive-investigation-of-gitlab-packages.yml","en-us/blog/deep-dive-investigation-of-gitlab-packages",{"_path":3663,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3664,"content":3670,"config":3675,"_id":3677,"_type":16,"title":3678,"_source":17,"_file":3679,"_stem":3680,"_extension":20},"/en-us/blog/how-we-used-gitlab-values-to-build-a-security-awards-program",{"title":3665,"description":3666,"ogTitle":3665,"ogDescription":3666,"noIndex":6,"ogImage":3667,"ogUrl":3668,"ogSiteName":918,"ogType":919,"canonicalUrls":3668,"schema":3669},"How we used GitLab values to develop a successful Security Awards Program","We built a program that encourages, recognizes, and awards a shared responsibility for security.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749681989/Blog/Hero%20Images/security-awards-blog.png","https://about.gitlab.com/blog/how-we-used-gitlab-values-to-build-a-security-awards-program","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How we used GitLab values to develop a successful Security Awards Program\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Philippe Lafoucrière\"}],\n \"datePublished\": \"2021-05-14\",\n }",{"title":3665,"description":3666,"authors":3671,"heroImage":3667,"date":3673,"category":14,"tags":3674},[3672],"Philippe Lafoucrière","2021-05-14",[14,839,1096],{"slug":3676,"featured":6,"template":728},"how-we-used-gitlab-values-to-build-a-security-awards-program","content:en-us:blog:how-we-used-gitlab-values-to-build-a-security-awards-program.yml","How We Used Gitlab Values To Build A Security Awards Program","en-us/blog/how-we-used-gitlab-values-to-build-a-security-awards-program.yml","en-us/blog/how-we-used-gitlab-values-to-build-a-security-awards-program",{"_path":3682,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3683,"content":3689,"config":3693,"_id":3695,"_type":16,"title":3696,"_source":17,"_file":3697,"_stem":3698,"_extension":20},"/en-us/blog/how-the-security-culture-committee-is-strengthening-gitlab-values",{"title":3684,"description":3685,"ogTitle":3684,"ogDescription":3685,"noIndex":6,"ogImage":3686,"ogUrl":3687,"ogSiteName":918,"ogType":919,"canonicalUrls":3687,"schema":3688},"How the Security Culture Committee is strengthening GitLab values","Learn how this group of team members works to preserve and reinforce GitLab values in the Security department and beyond.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670879/Blog/Hero%20Images/Sec-Culture-Committee-blog.png","https://about.gitlab.com/blog/how-the-security-culture-committee-is-strengthening-gitlab-values","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How the Security Culture Committee is strengthening GitLab values\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2021-05-07\",\n }",{"title":3684,"description":3685,"authors":3690,"heroImage":3686,"date":3691,"category":14,"tags":3692},[2744],"2021-05-07",[14,839],{"slug":3694,"featured":6,"template":728},"how-the-security-culture-committee-is-strengthening-gitlab-values","content:en-us:blog:how-the-security-culture-committee-is-strengthening-gitlab-values.yml","How The Security Culture Committee Is Strengthening Gitlab Values","en-us/blog/how-the-security-culture-committee-is-strengthening-gitlab-values.yml","en-us/blog/how-the-security-culture-committee-is-strengthening-gitlab-values",{"_path":3700,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3701,"content":3707,"config":3712,"_id":3714,"_type":16,"title":3715,"_source":17,"_file":3716,"_stem":3717,"_extension":20},"/en-us/blog/how-we-apply-gitlab-values-to-our-bug-bounty-council-process",{"title":3702,"description":3703,"ogTitle":3702,"ogDescription":3703,"noIndex":6,"ogImage":3704,"ogUrl":3705,"ogSiteName":918,"ogType":919,"canonicalUrls":3705,"schema":3706},"Inside the Bug Bounty Council at GitLab","We improve consistency across severity ratings and payouts in our bug bounty program with collaboration, iteration, and async communication.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749681956/Blog/Hero%20Images/gitlab-values-header.png","https://about.gitlab.com/blog/how-we-apply-gitlab-values-to-our-bug-bounty-council-process","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Inside the Bug Bounty Council at GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Andrew Kelly\"}],\n \"datePublished\": \"2021-03-16\",\n }",{"title":3702,"description":3703,"authors":3708,"heroImage":3704,"date":3710,"category":14,"tags":3711},[3709],"Andrew Kelly","2021-03-16",[14,1041,839],{"slug":3713,"featured":6,"template":728},"how-we-apply-gitlab-values-to-our-bug-bounty-council-process","content:en-us:blog:how-we-apply-gitlab-values-to-our-bug-bounty-council-process.yml","How We Apply Gitlab Values To Our Bug Bounty Council Process","en-us/blog/how-we-apply-gitlab-values-to-our-bug-bounty-council-process.yml","en-us/blog/how-we-apply-gitlab-values-to-our-bug-bounty-council-process",{"_path":3719,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3720,"content":3726,"config":3730,"_id":3732,"_type":16,"title":3733,"_source":17,"_file":3734,"_stem":3735,"_extension":20},"/en-us/blog/ajxchapman-ask-a-hacker",{"title":3721,"description":3722,"ogTitle":3721,"ogDescription":3722,"noIndex":6,"ogImage":3723,"ogUrl":3724,"ogSiteName":918,"ogType":919,"canonicalUrls":3724,"schema":3725},"Ask a hacker: ajxchapman","We talk with bug bounty hunter Alex Chapman about his favorite type of vulnerability to research and the one piece of security advice he’d offer to the company he hacks.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749670926/Blog/Hero%20Images/bug-bounty-ask-a-hacker.png","https://about.gitlab.com/blog/ajxchapman-ask-a-hacker","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Ask a hacker: ajxchapman\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2021-03-04\",\n }",{"title":3721,"description":3722,"authors":3727,"heroImage":3723,"date":3728,"category":14,"tags":3729},[2744],"2021-03-04",[14,1041],{"slug":3731,"featured":6,"template":728},"ajxchapman-ask-a-hacker","content:en-us:blog:ajxchapman-ask-a-hacker.yml","Ajxchapman Ask A Hacker","en-us/blog/ajxchapman-ask-a-hacker.yml","en-us/blog/ajxchapman-ask-a-hacker",{"_path":3737,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3738,"content":3743,"config":3748,"_id":3750,"_type":16,"title":3751,"_source":17,"_file":3752,"_stem":3753,"_extension":20},"/en-us/blog/masked-variable-vulnerability-in-runner-ver-13-9-0-rc1",{"title":3739,"description":3740,"ogTitle":3739,"ogDescription":3740,"noIndex":6,"ogImage":2982,"ogUrl":3741,"ogSiteName":918,"ogType":919,"canonicalUrls":3741,"schema":3742},"Masked variable vulnerability in Runner version 13.9.0-rc1","How we responded to a masked variable vulnerability in GitLab Runner version 13.9.0-rc1 and actions users should take.","https://about.gitlab.com/blog/masked-variable-vulnerability-in-runner-ver-13-9-0-rc1","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Masked variable vulnerability in Runner version 13.9.0-rc1\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Lee Matos\"}],\n \"datePublished\": \"2021-02-18\",\n }",{"title":3739,"description":3740,"authors":3744,"heroImage":2982,"date":3746,"category":14,"tags":3747},[3745],"Lee Matos","2021-02-18",[14],{"slug":3749,"featured":6,"template":728},"masked-variable-vulnerability-in-runner-ver-13-9-0-rc1","content:en-us:blog:masked-variable-vulnerability-in-runner-ver-13-9-0-rc1.yml","Masked Variable Vulnerability In Runner Ver 13 9 0 Rc1","en-us/blog/masked-variable-vulnerability-in-runner-ver-13-9-0-rc1.yml","en-us/blog/masked-variable-vulnerability-in-runner-ver-13-9-0-rc1",{"_path":3755,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3756,"content":3761,"config":3765,"_id":3767,"_type":16,"title":3768,"_source":17,"_file":3769,"_stem":3770,"_extension":20},"/en-us/blog/mobile-static-application-security-testing-for-android",{"title":3757,"description":3758,"ogTitle":3757,"ogDescription":3758,"noIndex":6,"ogImage":2982,"ogUrl":3759,"ogSiteName":918,"ogType":919,"canonicalUrls":3759,"schema":3760},"Android App Security Testing with SAST","Learn how to secure your Android application with Static Application Security Testing.","https://about.gitlab.com/blog/mobile-static-application-security-testing-for-android","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Android App Security Testing with SAST\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2020-12-16\",\n }",{"title":3757,"description":3758,"authors":3762,"heroImage":2982,"date":3763,"category":14,"tags":3764},[759],"2020-12-16",[14,563,780,232,1096],{"slug":3766,"featured":6,"template":728},"mobile-static-application-security-testing-for-android","content:en-us:blog:mobile-static-application-security-testing-for-android.yml","Mobile Static Application Security Testing For Android","en-us/blog/mobile-static-application-security-testing-for-android.yml","en-us/blog/mobile-static-application-security-testing-for-android",{"_path":3772,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3773,"content":3779,"config":3783,"_id":3785,"_type":16,"title":3786,"_source":17,"_file":3787,"_stem":3788,"_extension":20},"/en-us/blog/twenty-twenty-through-a-bug-bounty-lens",{"title":3774,"description":3775,"ogTitle":3774,"ogDescription":3775,"noIndex":6,"ogImage":3776,"ogUrl":3777,"ogSiteName":918,"ogType":919,"canonicalUrls":3777,"schema":3778},"2020 through a bug bounty lens","We take a look back at the year in bugs and bounties and celebrate the reporters and contributions that make us more secure.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749671018/Blog/Hero%20Images/gitlab-security-blog-cover_3.png","https://about.gitlab.com/blog/twenty-twenty-through-a-bug-bounty-lens","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"2020 through a bug bounty lens\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2020-12-14\",\n }",{"title":3774,"description":3775,"authors":3780,"heroImage":3776,"date":3781,"category":14,"tags":3782},[2744],"2020-12-14",[14,1041],{"slug":3784,"featured":6,"template":728},"twenty-twenty-through-a-bug-bounty-lens","content:en-us:blog:twenty-twenty-through-a-bug-bounty-lens.yml","Twenty Twenty Through A Bug Bounty Lens","en-us/blog/twenty-twenty-through-a-bug-bounty-lens.yml","en-us/blog/twenty-twenty-through-a-bug-bounty-lens",{"_path":3790,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3791,"content":3796,"config":3800,"_id":3802,"_type":16,"title":3803,"_source":17,"_file":3804,"_stem":3805,"_extension":20},"/en-us/blog/security-features-in-ultimate",{"title":3792,"description":3793,"ogTitle":3792,"ogDescription":3793,"noIndex":6,"ogImage":3315,"ogUrl":3794,"ogSiteName":918,"ogType":919,"canonicalUrls":3794,"schema":3795},"Tired of afterthought security? Take a fresh look at GitLab Ultimate","Security may not be the first thing that comes to mind when thinking of our DevOps platform, but we’re going to make the case it should be. Here’s a look at some of the too-often-overlooked security features in GitLab Ultimate.","https://about.gitlab.com/blog/security-features-in-ultimate","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Tired of afterthought security? Take a fresh look at GitLab Ultimate\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Cindy Blake\"}],\n \"datePublished\": \"2020-12-08\",\n }",{"title":3792,"description":3793,"authors":3797,"heroImage":3315,"date":3798,"category":14,"tags":3799},[2725],"2020-12-08",[14,563,780,232],{"slug":3801,"featured":6,"template":728},"security-features-in-ultimate","content:en-us:blog:security-features-in-ultimate.yml","Security Features In Ultimate","en-us/blog/security-features-in-ultimate.yml","en-us/blog/security-features-in-ultimate",{"_path":3807,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3808,"content":3814,"config":3820,"_id":3822,"_type":16,"title":3823,"_source":17,"_file":3824,"_stem":3825,"_extension":20},"/en-us/blog/container-network-security-is-important",{"title":3809,"description":3810,"ogTitle":3809,"ogDescription":3810,"noIndex":6,"ogImage":3811,"ogUrl":3812,"ogSiteName":918,"ogType":919,"canonicalUrls":3812,"schema":3813},"How to secure your Kubernetes pods using GitLab Container Network Security","We help you get started with securing your Kubernetes cluster using Cilium, a GitLab-managed application.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749681687/Blog/Hero%20Images/diane-helentjaris-TYk0YQbog9g-unsplash.jpg","https://about.gitlab.com/blog/container-network-security-is-important","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to secure your Kubernetes pods using GitLab Container Network Security\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2020-10-23\",\n }",{"title":3809,"description":3810,"authors":3815,"heroImage":3811,"date":3816,"category":14,"tags":3817},[759],"2020-10-23",[14,3818,2010,3819,764],"careers","agile",{"slug":3821,"featured":6,"template":728},"container-network-security-is-important","content:en-us:blog:container-network-security-is-important.yml","Container Network Security Is Important","en-us/blog/container-network-security-is-important.yml","en-us/blog/container-network-security-is-important",{"_path":3827,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3828,"content":3834,"config":3840,"_id":3842,"_type":16,"title":3843,"_source":17,"_file":3844,"_stem":3845,"_extension":20},"/en-us/blog/why-security-champions",{"title":3829,"description":3830,"ogTitle":3829,"ogDescription":3830,"noIndex":6,"ogImage":3831,"ogUrl":3832,"ogSiteName":918,"ogType":919,"canonicalUrls":3832,"schema":3833},"Why you need a security champions program","Faster releases, more open source code, and developers unlikely to have formal security training = at risk software apps. The solution? A security champions program.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664002/Blog/Hero%20Images/securitychampions.jpg","https://about.gitlab.com/blog/why-security-champions","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Why you need a security champions program\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Valerie Silverthorne\"}],\n \"datePublished\": \"2020-10-14\",\n }",{"title":3829,"description":3830,"authors":3835,"heroImage":3831,"date":3837,"category":14,"tags":3838},[3836],"Valerie Silverthorne","2020-10-14",[14,1337,3839],"developer survey",{"slug":3841,"featured":6,"template":728},"why-security-champions","content:en-us:blog:why-security-champions.yml","Why Security Champions","en-us/blog/why-security-champions.yml","en-us/blog/why-security-champions",{"_path":3847,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3848,"content":3854,"config":3858,"_id":3860,"_type":16,"title":3861,"_source":17,"_file":3862,"_stem":3863,"_extension":20},"/en-us/blog/gitlab-latest-security-trends",{"title":3849,"description":3850,"ogTitle":3849,"ogDescription":3850,"noIndex":6,"ogImage":3851,"ogUrl":3852,"ogSiteName":918,"ogType":919,"canonicalUrls":3852,"schema":3853},"GitLab's security trends report – our latest look at what's most vulnerable","From triage to containers and secrets storage, we took a look at the most vulnerable areas across thousands of hosted projects on GitLab.com. Here's what you need to know.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749678152/Blog/Hero%20Images/data.jpg","https://about.gitlab.com/blog/gitlab-latest-security-trends","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab's security trends report – our latest look at what's most vulnerable\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Wayne Haber\"}],\n \"datePublished\": \"2020-10-06\",\n }",{"title":3849,"description":3850,"authors":3855,"heroImage":3851,"date":3856,"category":14,"tags":3857},[3363],"2020-10-06",[14,1337],{"slug":3859,"featured":6,"template":728},"gitlab-latest-security-trends","content:en-us:blog:gitlab-latest-security-trends.yml","Gitlab Latest Security Trends","en-us/blog/gitlab-latest-security-trends.yml","en-us/blog/gitlab-latest-security-trends",{"_path":3865,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3866,"content":3872,"config":3876,"_id":3878,"_type":16,"title":3879,"_source":17,"_file":3880,"_stem":3881,"_extension":20},"/en-us/blog/top-tips-for-better-bug-bounty-reports-and-a-hacker-contest",{"title":3867,"description":3868,"ogTitle":3867,"ogDescription":3868,"noIndex":6,"ogImage":3869,"ogUrl":3870,"ogSiteName":918,"ogType":919,"canonicalUrls":3870,"schema":3871},"Our top tips for better bug bounty reports, plus a hacker contest!","Our AppSec team breaks down what makes a great bug bounty report. That advice comes just in time, as we're having another bug bounty contest.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749671004/Blog/Hero%20Images/pexels-shawn-stutzman-1010496.jpg","https://about.gitlab.com/blog/top-tips-for-better-bug-bounty-reports-and-a-hacker-contest","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Our top tips for better bug bounty reports, plus a hacker contest!\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2020-09-28\",\n }",{"title":3867,"description":3868,"authors":3873,"heroImage":3869,"date":3874,"category":14,"tags":3875},[2744],"2020-09-28",[14,1041],{"slug":3877,"featured":6,"template":728},"top-tips-for-better-bug-bounty-reports-and-a-hacker-contest","content:en-us:blog:top-tips-for-better-bug-bounty-reports-and-a-hacker-contest.yml","Top Tips For Better Bug Bounty Reports And A Hacker Contest","en-us/blog/top-tips-for-better-bug-bounty-reports-and-a-hacker-contest.yml","en-us/blog/top-tips-for-better-bug-bounty-reports-and-a-hacker-contest",{"_path":3883,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3884,"content":3890,"config":3894,"_id":3896,"_type":16,"title":3897,"_source":17,"_file":3898,"_stem":3899,"_extension":20},"/en-us/blog/how-to-configure-dast-full-scans-for-complex-web-applications",{"title":3885,"description":3886,"ogTitle":3885,"ogDescription":3886,"noIndex":6,"ogImage":3887,"ogUrl":3888,"ogSiteName":918,"ogType":919,"canonicalUrls":3888,"schema":3889},"How to configure DAST full scans for complex web applications","Keep your DAST job within timeout limits and fine-tune job configurations for better results","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679617/Blog/Hero%20Images/tuning-237454.jpg","https://about.gitlab.com/blog/how-to-configure-dast-full-scans-for-complex-web-applications","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to configure DAST full scans for complex web applications\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Dennis Appelt\"}],\n \"datePublished\": \"2020-08-31\",\n }",{"title":3885,"description":3886,"authors":3891,"heroImage":3887,"date":3892,"category":14,"tags":3893},[2045],"2020-08-31",[14,1337,1096],{"slug":3895,"featured":6,"template":728},"how-to-configure-dast-full-scans-for-complex-web-applications","content:en-us:blog:how-to-configure-dast-full-scans-for-complex-web-applications.yml","How To Configure Dast Full Scans For Complex Web Applications","en-us/blog/how-to-configure-dast-full-scans-for-complex-web-applications.yml","en-us/blog/how-to-configure-dast-full-scans-for-complex-web-applications",{"_path":3901,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3902,"content":3907,"config":3913,"_id":3915,"_type":16,"title":3916,"_source":17,"_file":3917,"_stem":3918,"_extension":20},"/en-us/blog/gitlab-com-13-4-breaking-changes",{"title":3903,"description":3904,"ogTitle":3903,"ogDescription":3904,"noIndex":6,"ogImage":3296,"ogUrl":3905,"ogSiteName":918,"ogType":919,"canonicalUrls":3905,"schema":3906},"Upcoming Breaking Changes to Secure Analyzers in GitLab 13.4","Our next release, 13.4, will include narrow breaking changes for our Secure scanning features. Find out how this could affect you and what you need to do.","https://about.gitlab.com/blog/gitlab-com-13-4-breaking-changes","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Upcoming GitLab.com narrow breaking changes to Secure Analyzers in GitLab 13.4\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Taylor McCaslin\"}],\n \"datePublished\": \"2020-08-19\",\n }",{"title":3908,"description":3904,"authors":3909,"heroImage":3296,"date":3911,"category":14,"tags":3912},"Upcoming GitLab.com narrow breaking changes to Secure Analyzers in GitLab 13.4",[3910],"Taylor McCaslin","2020-08-19",[743,110,14],{"slug":3914,"featured":6,"template":728},"gitlab-com-13-4-breaking-changes","content:en-us:blog:gitlab-com-13-4-breaking-changes.yml","Gitlab Com 13 4 Breaking Changes","en-us/blog/gitlab-com-13-4-breaking-changes.yml","en-us/blog/gitlab-com-13-4-breaking-changes",{"_path":3920,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3921,"content":3927,"config":3931,"_id":3933,"_type":16,"title":3934,"_source":17,"_file":3935,"_stem":3936,"_extension":20},"/en-us/blog/how-to-play-gitlab-ctf-at-home",{"title":3922,"description":3923,"ogTitle":3922,"ogDescription":3923,"noIndex":6,"ogImage":3924,"ogUrl":3925,"ogSiteName":918,"ogType":919,"canonicalUrls":3925,"schema":3926},"How to play GitLab's Capture the Flag at home","Our AppSec team built and ran a CTF, and now it's available for you to play at home.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749681485/Blog/Hero%20Images/gitlab_ctf.png","https://about.gitlab.com/blog/how-to-play-gitlab-ctf-at-home","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to play GitLab's Capture the Flag at home\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joern Schneeweisz\"}],\n \"datePublished\": \"2020-08-12\",\n }",{"title":3922,"description":3923,"authors":3928,"heroImage":3924,"date":3929,"category":14,"tags":3930},[2537],"2020-08-12",[14,1337,1096],{"slug":3932,"featured":6,"template":728},"how-to-play-gitlab-ctf-at-home","content:en-us:blog:how-to-play-gitlab-ctf-at-home.yml","How To Play Gitlab Ctf At Home","en-us/blog/how-to-play-gitlab-ctf-at-home.yml","en-us/blog/how-to-play-gitlab-ctf-at-home",{"_path":3938,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3939,"content":3945,"config":3949,"_id":3951,"_type":16,"title":3952,"_source":17,"_file":3953,"_stem":3954,"_extension":20},"/en-us/blog/how-to-benchmark-security-tools",{"title":3940,"description":3941,"ogTitle":3940,"ogDescription":3941,"noIndex":6,"ogImage":3942,"ogUrl":3943,"ogSiteName":918,"ogType":919,"canonicalUrls":3943,"schema":3944},"How to benchmark security tools: a case study using WebGoat","When tasked to compare security tools, it's critical to understand what's a fair benchmark. We take you step by step through WebGoat's lessons and compare them to SAST and DAST results.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749678166/Blog/Hero%20Images/benchmarking.jpg","https://about.gitlab.com/blog/how-to-benchmark-security-tools","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to benchmark security tools: a case study using WebGoat\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Isaac Dawson\"}],\n \"datePublished\": \"2020-08-11\",\n }",{"title":3940,"description":3941,"authors":3946,"heroImage":3942,"date":3947,"category":14,"tags":3948},[3135],"2020-08-11",[14,1337,764],{"slug":3950,"featured":6,"template":728},"how-to-benchmark-security-tools","content:en-us:blog:how-to-benchmark-security-tools.yml","How To Benchmark Security Tools","en-us/blog/how-to-benchmark-security-tools.yml","en-us/blog/how-to-benchmark-security-tools",{"_path":3956,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3957,"content":3963,"config":3967,"_id":3969,"_type":16,"title":3970,"_source":17,"_file":3971,"_stem":3972,"_extension":20},"/en-us/blog/whitesource-for-dependency-scanning",{"title":3958,"description":3959,"ogTitle":3958,"ogDescription":3959,"noIndex":6,"ogImage":3960,"ogUrl":3961,"ogSiteName":918,"ogType":919,"canonicalUrls":3961,"schema":3962},"How to secure your dependencies with GitLab and WhiteSource","We walk you through how to configure WhiteSource in your GitLab instance to enhance your application security.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663445/Blog/Hero%20Images/snowymtns.jpg","https://about.gitlab.com/blog/whitesource-for-dependency-scanning","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to secure your dependencies with GitLab and WhiteSource\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Fernando Diaz\"}],\n \"datePublished\": \"2020-08-10\",\n }",{"title":3958,"description":3959,"authors":3964,"heroImage":3960,"date":3965,"category":14,"tags":3966},[759],"2020-08-10",[110,14,232,3819,2010],{"slug":3968,"featured":6,"template":728},"whitesource-for-dependency-scanning","content:en-us:blog:whitesource-for-dependency-scanning.yml","Whitesource For Dependency Scanning","en-us/blog/whitesource-for-dependency-scanning.yml","en-us/blog/whitesource-for-dependency-scanning",{"_path":3974,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3975,"content":3980,"config":3985,"_id":3987,"_type":16,"title":3988,"_source":17,"_file":3989,"_stem":3990,"_extension":20},"/en-us/blog/container-security-in-gitlab",{"title":3976,"description":3977,"ogTitle":3976,"ogDescription":3977,"noIndex":6,"ogImage":2588,"ogUrl":3978,"ogSiteName":918,"ogType":919,"canonicalUrls":3978,"schema":3979},"Get better container security with GitLab: 4 real-world examples","Containers are increasingly popular – and increasingly vulnerable. Using\nfour threat scenarios, we step through how GitLab's built-in security\nfeatures will make containers safer.","https://about.gitlab.com/blog/container-security-in-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Get better container security with GitLab: 4 real-world examples\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Thiago Figueiró\"}],\n \"datePublished\": \"2020-07-28\",\n }",{"title":3976,"description":3977,"authors":3981,"heroImage":2588,"date":3983,"category":14,"tags":3984},[3982],"Thiago Figueiró","2020-07-28",[2010,14,3491],{"slug":3986,"featured":6,"template":728},"container-security-in-gitlab","content:en-us:blog:container-security-in-gitlab.yml","Container Security In Gitlab","en-us/blog/container-security-in-gitlab.yml","en-us/blog/container-security-in-gitlab",{"_path":3992,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":3993,"content":3999,"config":4005,"_id":4007,"_type":16,"title":4008,"_source":17,"_file":4009,"_stem":4010,"_extension":20},"/en-us/blog/package-key-extension",{"title":3994,"description":3995,"ogTitle":3994,"ogDescription":3995,"noIndex":6,"ogImage":3996,"ogUrl":3997,"ogSiteName":918,"ogType":919,"canonicalUrls":3997,"schema":3998},"GitLab extends package signing key expiration to 2022","Our GPG key will now expire on July 1, 2021. Here's what you need to know.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749666262/Blog/Hero%20Images/default-blog-image.png","https://about.gitlab.com/blog/package-key-extension","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab will extend package signing key expiration by one year\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Gerard Hickey\"}],\n \"datePublished\": \"2020-06-25\",\n }",{"title":4000,"description":3995,"authors":4001,"heroImage":3996,"date":4003,"category":14,"tags":4004},"GitLab will extend package signing key expiration by one year",[4002],"Gerard Hickey","2020-06-25",[14,1989,965],{"slug":4006,"featured":6,"template":728},"package-key-extension","content:en-us:blog:package-key-extension.yml","Package Key Extension","en-us/blog/package-key-extension.yml","en-us/blog/package-key-extension",{"_path":4012,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4013,"content":4019,"config":4025,"_id":4027,"_type":16,"title":4028,"_source":17,"_file":4029,"_stem":4030,"_extension":20},"/en-us/blog/soc2-compliance",{"title":4014,"description":4015,"ogTitle":4014,"ogDescription":4015,"noIndex":6,"ogImage":4016,"ogUrl":4017,"ogSiteName":918,"ogType":919,"canonicalUrls":4017,"schema":4018},"How secure is GitLab?","Learn about GitLab's commitment to security and compliance, our security program maturity and accreditations.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749669646/Blog/Hero%20Images/blog-soc2-compliance.jpg","https://about.gitlab.com/blog/soc2-compliance","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How secure is GitLab?\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Saumya Upadhyaya\"},{\"@type\":\"Person\",\"name\":\"Dov Hershkovitch\"}],\n \"datePublished\": \"2020-06-24\",\n }",{"title":4014,"description":4015,"authors":4020,"heroImage":4016,"date":4023,"category":14,"tags":4024},[4021,4022],"Saumya Upadhyaya","Dov Hershkovitch","2020-06-24",[563,780,14],{"slug":4026,"featured":6,"template":728},"soc2-compliance","content:en-us:blog:soc2-compliance.yml","Soc2 Compliance","en-us/blog/soc2-compliance.yml","en-us/blog/soc2-compliance",{"_path":4032,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4033,"content":4039,"config":4043,"_id":4045,"_type":16,"title":4046,"_source":17,"_file":4047,"_stem":4048,"_extension":20},"/en-us/blog/gitlab-instance-security-best-practices",{"title":4034,"description":4035,"ogTitle":4034,"ogDescription":4035,"noIndex":6,"ogImage":4036,"ogUrl":4037,"ogSiteName":918,"ogType":919,"canonicalUrls":4037,"schema":4038},"GitLab instance: security best practices","Default settings on products can be massively helpful. However, when it comes to hardening your GitLab instance, we’ve got some helpful configuration recommendations from our security team.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667057/Blog/Hero%20Images/configs_unsplash.jpg","https://about.gitlab.com/blog/gitlab-instance-security-best-practices","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab instance: security best practices\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2020-05-20\",\n }",{"title":4034,"description":4035,"authors":4040,"heroImage":4036,"date":4041,"category":14,"tags":4042},[1747],"2020-05-20",[14,1337,763],{"slug":4044,"featured":6,"template":728},"gitlab-instance-security-best-practices","content:en-us:blog:gitlab-instance-security-best-practices.yml","Gitlab Instance Security Best Practices","en-us/blog/gitlab-instance-security-best-practices.yml","en-us/blog/gitlab-instance-security-best-practices",{"_path":4050,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4051,"content":4057,"config":4062,"_id":4064,"_type":16,"title":4065,"_source":17,"_file":4066,"_stem":4067,"_extension":20},"/en-us/blog/benefits-of-transparency-in-compliance",{"title":4052,"description":4053,"ogTitle":4052,"ogDescription":4053,"noIndex":6,"ogImage":4054,"ogUrl":4055,"ogSiteName":918,"ogType":919,"canonicalUrls":4055,"schema":4056},"The benefits of transparency in a compliance audit","We’re transparent by default, and just completed our first SOC 2 Type 1 audit! How does our public-first stance affect our compliance efforts and impact an audit?","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749681258/Blog/Hero%20Images/mvdheuvel-unsplash.jpg","https://about.gitlab.com/blog/benefits-of-transparency-in-compliance","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The benefits of transparency in a compliance audit\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Steve Truong\"}],\n \"datePublished\": \"2020-04-28\",\n }",{"title":4052,"description":4053,"authors":4058,"heroImage":4054,"date":4060,"category":14,"tags":4061},[4059],"Steve Truong","2020-04-28",[839,14],{"slug":4063,"featured":6,"template":728},"benefits-of-transparency-in-compliance","content:en-us:blog:benefits-of-transparency-in-compliance.yml","Benefits Of Transparency In Compliance","en-us/blog/benefits-of-transparency-in-compliance.yml","en-us/blog/benefits-of-transparency-in-compliance",{"_path":4069,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4070,"content":4076,"config":4080,"_id":4082,"_type":16,"title":4083,"_source":17,"_file":4084,"_stem":4085,"_extension":20},"/en-us/blog/open-source-security",{"title":4071,"description":4072,"ogTitle":4071,"ogDescription":4072,"noIndex":6,"ogImage":4073,"ogUrl":4074,"ogSiteName":918,"ogType":919,"canonicalUrls":4074,"schema":4075},"How we manage open source security software","Open source software presents unique security challenges. Here’s what you need to know.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749681227/Blog/Hero%20Images/opensourcesecurity.jpg","https://about.gitlab.com/blog/open-source-security","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How we manage open source security software\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2020-04-10\",\n }",{"title":4071,"description":4072,"authors":4077,"heroImage":4073,"date":4078,"category":14,"tags":4079},[1747],"2020-04-10",[1096,14,1337],{"slug":4081,"featured":6,"template":728},"open-source-security","content:en-us:blog:open-source-security.yml","Open Source Security","en-us/blog/open-source-security.yml","en-us/blog/open-source-security",{"_path":4087,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4088,"content":4094,"config":4098,"_id":4100,"_type":16,"title":4101,"_source":17,"_file":4102,"_stem":4103,"_extension":20},"/en-us/blog/security-trends-in-gitlab-hosted-projects",{"title":4089,"description":4090,"ogTitle":4089,"ogDescription":4090,"noIndex":6,"ogImage":4091,"ogUrl":4092,"ogSiteName":918,"ogType":919,"canonicalUrls":4092,"schema":4093},"Top 6 security trends in GitLab-hosted projects","Using components with known vulnerabilities is the most common security problem in GitLab.com-hosted projects.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663502/Blog/Hero%20Images/paperclips.jpg","https://about.gitlab.com/blog/security-trends-in-gitlab-hosted-projects","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Top 6 security trends in GitLab-hosted projects\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Wayne Haber\"}],\n \"datePublished\": \"2020-04-02\",\n }",{"title":4089,"description":4090,"authors":4095,"heroImage":4091,"date":4096,"category":14,"tags":4097},[3363],"2020-04-02",[14,1337],{"slug":4099,"featured":6,"template":728},"security-trends-in-gitlab-hosted-projects","content:en-us:blog:security-trends-in-gitlab-hosted-projects.yml","Security Trends In Gitlab Hosted Projects","en-us/blog/security-trends-in-gitlab-hosted-projects.yml","en-us/blog/security-trends-in-gitlab-hosted-projects",{"_path":4105,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4106,"content":4111,"config":4115,"_id":4117,"_type":16,"title":4118,"_source":17,"_file":4119,"_stem":4120,"_extension":20},"/en-us/blog/how-to-exploit-parser-differentials",{"title":4107,"description":4108,"ogTitle":4107,"ogDescription":4108,"noIndex":6,"ogImage":2532,"ogUrl":4109,"ogSiteName":918,"ogType":919,"canonicalUrls":4109,"schema":4110},"How to exploit parser differentials","Your guide to abusing 'language barriers' between web components.","https://about.gitlab.com/blog/how-to-exploit-parser-differentials","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to exploit parser differentials\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joern Schneeweisz\"}],\n \"datePublished\": \"2020-03-30\",\n }",{"title":4107,"description":4108,"authors":4112,"heroImage":2532,"date":4113,"category":14,"tags":4114},[2537],"2020-03-30",[14,1337],{"slug":4116,"featured":6,"template":728},"how-to-exploit-parser-differentials","content:en-us:blog:how-to-exploit-parser-differentials.yml","How To Exploit Parser Differentials","en-us/blog/how-to-exploit-parser-differentials.yml","en-us/blog/how-to-exploit-parser-differentials",{"_path":4122,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4123,"content":4129,"config":4133,"_id":4135,"_type":16,"title":4136,"_source":17,"_file":4137,"_stem":4138,"_extension":20},"/en-us/blog/questions-regarding-our-zero-trust-efforts",{"title":4124,"description":4125,"ogTitle":4124,"ogDescription":4125,"noIndex":6,"ogImage":4126,"ogUrl":4127,"ogSiteName":918,"ogType":919,"canonicalUrls":4127,"schema":4128},"We answer your most popular questions about our Zero Trust journey","From why we chose Okta to issues around data fluidity, here are answers to your most-asked ZT questions.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749681098/Blog/Hero%20Images/lysander-yuen-wk-ztn-unsplash.jpg","https://about.gitlab.com/blog/questions-regarding-our-zero-trust-efforts","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"We answer your most popular questions about our Zero Trust journey\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2020-02-19\",\n }",{"title":4124,"description":4125,"authors":4130,"heroImage":4126,"date":4131,"category":14,"tags":4132},[1747],"2020-02-19",[839,14,1881],{"slug":4134,"featured":6,"template":728},"questions-regarding-our-zero-trust-efforts","content:en-us:blog:questions-regarding-our-zero-trust-efforts.yml","Questions Regarding Our Zero Trust Efforts","en-us/blog/questions-regarding-our-zero-trust-efforts.yml","en-us/blog/questions-regarding-our-zero-trust-efforts",{"_path":4140,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4141,"content":4147,"config":4152,"_id":4154,"_type":16,"title":4155,"_source":17,"_file":4156,"_stem":4157,"_extension":20},"/en-us/blog/plundering-gcp-escalating-privileges-in-google-cloud-platform",{"title":4142,"description":4143,"ogTitle":4142,"ogDescription":4143,"noIndex":6,"ogImage":4144,"ogUrl":4145,"ogSiteName":918,"ogType":919,"canonicalUrls":4145,"schema":4146},"Google Cloud privilege escalation & post-exploitation tactics","A Red Team exercise on exploiting design decisions on GCP.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749672755/Blog/Hero%20Images/white-lightning-heating-mountain.jpg","https://about.gitlab.com/blog/plundering-gcp-escalating-privileges-in-google-cloud-platform","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Tutorial on privilege escalation and post exploitation tactics in Google Cloud Platform environments\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Chris Moberly\"}],\n \"datePublished\": \"2020-02-12\",\n }",{"title":4148,"description":4143,"authors":4149,"heroImage":4144,"date":4150,"category":14,"tags":4151},"Tutorial on privilege escalation and post exploitation tactics in Google Cloud Platform environments",[1131],"2020-02-12",[14,1337,1096],{"slug":4153,"featured":6,"template":728},"plundering-gcp-escalating-privileges-in-google-cloud-platform","content:en-us:blog:plundering-gcp-escalating-privileges-in-google-cloud-platform.yml","Plundering Gcp Escalating Privileges In Google Cloud Platform","en-us/blog/plundering-gcp-escalating-privileges-in-google-cloud-platform.yml","en-us/blog/plundering-gcp-escalating-privileges-in-google-cloud-platform",{"_path":4159,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4160,"content":4166,"config":4170,"_id":4172,"_type":16,"title":4173,"_source":17,"_file":4174,"_stem":4175,"_extension":20},"/en-us/blog/gitlab-is-now-a-member-of-the-owasp-foundation",{"title":4161,"description":4162,"ogTitle":4161,"ogDescription":4162,"noIndex":6,"ogImage":4163,"ogUrl":4164,"ogSiteName":918,"ogType":919,"canonicalUrls":4164,"schema":4165},"GitLab is now a member of the OWASP Foundation","GitLab is thrilled to announce our membership in the OWASP Foundation.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679658/Blog/Hero%20Images/Owasp_logo.jpg","https://about.gitlab.com/blog/gitlab-is-now-a-member-of-the-owasp-foundation","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab is now a member of the OWASP Foundation\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Wayne Haber\"}],\n \"datePublished\": \"2020-01-21\",\n }",{"title":4161,"description":4162,"authors":4167,"heroImage":4163,"date":4168,"category":14,"tags":4169},[3363],"2020-01-21",[278,946,1096,14],{"slug":4171,"featured":6,"template":728},"gitlab-is-now-a-member-of-the-owasp-foundation","content:en-us:blog:gitlab-is-now-a-member-of-the-owasp-foundation.yml","Gitlab Is Now A Member Of The Owasp Foundation","en-us/blog/gitlab-is-now-a-member-of-the-owasp-foundation.yml","en-us/blog/gitlab-is-now-a-member-of-the-owasp-foundation",{"_path":4177,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4178,"content":4184,"config":4188,"_id":4190,"_type":16,"title":4191,"_source":17,"_file":4192,"_stem":4193,"_extension":20},"/en-us/blog/celebrating-one-million-bug-bounties-paid",{"title":4179,"description":4180,"ogTitle":4179,"ogDescription":4180,"noIndex":6,"ogImage":4181,"ogUrl":4182,"ogSiteName":918,"ogType":919,"canonicalUrls":4182,"schema":4183},"Celebrating a million dollars in bounties paid","Our bug bounty program has grown, expanded and matured in the past 5 years. A lot can happen in a million dollars’ time.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749680992/Blog/Hero%20Images/silhouette-of-crowd-people-1486628.jpg","https://about.gitlab.com/blog/celebrating-one-million-bug-bounties-paid","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Celebrating a million dollars in bounties paid\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2020-01-14\",\n }",{"title":4179,"description":4180,"authors":4185,"heroImage":4181,"date":4186,"category":14,"tags":4187},[2744],"2020-01-14",[14,1041,1096],{"slug":4189,"featured":6,"template":728},"celebrating-one-million-bug-bounties-paid","content:en-us:blog:celebrating-one-million-bug-bounties-paid.yml","Celebrating One Million Bug Bounties Paid","en-us/blog/celebrating-one-million-bug-bounties-paid.yml","en-us/blog/celebrating-one-million-bug-bounties-paid",{"_path":4195,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4196,"content":4202,"config":4207,"_id":4209,"_type":16,"title":4210,"_source":17,"_file":4211,"_stem":4212,"_extension":20},"/en-us/blog/introducing-token-hunter",{"title":4197,"description":4198,"ogTitle":4197,"ogDescription":4198,"noIndex":6,"ogImage":4199,"ogUrl":4200,"ogSiteName":918,"ogType":919,"canonicalUrls":4200,"schema":4201},"Introducing Token-Hunter","Our red team has created a new tool to find sensitive data in the vast, wide-open.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679669/Blog/Hero%20Images/lightscape-Bsw6l6e01Rw-unsplash.jpg","https://about.gitlab.com/blog/introducing-token-hunter","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Introducing Token-Hunter\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Greg Johnson\"}],\n \"datePublished\": \"2019-12-20\",\n }",{"title":4197,"description":4198,"authors":4203,"heroImage":4199,"date":4205,"category":14,"tags":4206},[4204],"Greg Johnson","2019-12-20",[14,1337,1096],{"slug":4208,"featured":6,"template":728},"introducing-token-hunter","content:en-us:blog:introducing-token-hunter.yml","Introducing Token Hunter","en-us/blog/introducing-token-hunter.yml","en-us/blog/introducing-token-hunter",{"_path":4214,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4215,"content":4220,"config":4225,"_id":4227,"_type":16,"title":4228,"_source":17,"_file":4229,"_stem":4230,"_extension":20},"/en-us/blog/bugs-bounties-and-cherry-browns",{"title":4216,"description":4217,"ogTitle":4216,"ogDescription":4217,"noIndex":6,"ogImage":3776,"ogUrl":4218,"ogSiteName":918,"ogType":919,"canonicalUrls":4218,"schema":4219},"Bugs, bounties, and cherry browns","Cheers, our bug bounty program is celebrating one year!","https://about.gitlab.com/blog/bugs-bounties-and-cherry-browns","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Bugs, bounties, and cherry browns\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Juan Broullon\"}],\n \"datePublished\": \"2019-12-12\",\n }",{"title":4216,"description":4217,"authors":4221,"heroImage":3776,"date":4223,"category":14,"tags":4224},[4222],"Juan Broullon","2019-12-12",[14,1041],{"slug":4226,"featured":6,"template":728},"bugs-bounties-and-cherry-browns","content:en-us:blog:bugs-bounties-and-cherry-browns.yml","Bugs Bounties And Cherry Browns","en-us/blog/bugs-bounties-and-cherry-browns.yml","en-us/blog/bugs-bounties-and-cherry-browns",{"_path":4232,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4233,"content":4238,"config":4242,"_id":4244,"_type":16,"title":4245,"_source":17,"_file":4246,"_stem":4247,"_extension":20},"/en-us/blog/shopping-for-an-admin-account",{"title":4234,"description":4235,"ogTitle":4234,"ogDescription":4235,"noIndex":6,"ogImage":2532,"ogUrl":4236,"ogSiteName":918,"ogType":919,"canonicalUrls":4236,"schema":4237},"Shopping for an admin account via path traversal","How to exploit a path traversal issue to gain an admin account","https://about.gitlab.com/blog/shopping-for-an-admin-account","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Shopping for an admin account via path traversal\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Joern Schneeweisz\"}],\n \"datePublished\": \"2019-11-29\",\n }",{"title":4234,"description":4235,"authors":4239,"heroImage":2532,"date":4240,"category":14,"tags":4241},[2537],"2019-11-29",[14,1337],{"slug":4243,"featured":6,"template":728},"shopping-for-an-admin-account","content:en-us:blog:shopping-for-an-admin-account.yml","Shopping For An Admin Account","en-us/blog/shopping-for-an-admin-account.yml","en-us/blog/shopping-for-an-admin-account",{"_path":4249,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4250,"content":4256,"config":4261,"_id":4263,"_type":16,"title":4264,"_source":17,"_file":4265,"_stem":4266,"_extension":20},"/en-us/blog/toolchain-security-with-gitlab",{"title":4251,"description":4252,"ogTitle":4251,"ogDescription":4252,"noIndex":6,"ogImage":4253,"ogUrl":4254,"ogSiteName":918,"ogType":919,"canonicalUrls":4254,"schema":4255},"How to overcome toolchain security challenges with GitLab","Use GitLab to control your toolchain sprawl, improve team communication and productivity, and secure your DevOps lifecycle.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749673158/Blog/Hero%20Images/toolchain-security-gitlab-cover.jpg","https://about.gitlab.com/blog/toolchain-security-with-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How to overcome toolchain security challenges with GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Vanessa Wegner\"}],\n \"datePublished\": \"2019-11-20\",\n }",{"title":4251,"description":4252,"authors":4257,"heroImage":4253,"date":4259,"category":14,"tags":4260},[4258],"Vanessa Wegner","2019-11-20",[563,1504,14],{"slug":4262,"featured":6,"template":728},"toolchain-security-with-gitlab","content:en-us:blog:toolchain-security-with-gitlab.yml","Toolchain Security With Gitlab","en-us/blog/toolchain-security-with-gitlab.yml","en-us/blog/toolchain-security-with-gitlab",{"_path":4268,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4269,"content":4275,"config":4279,"_id":4281,"_type":16,"title":4282,"_source":17,"_file":4283,"_stem":4284,"_extension":20},"/en-us/blog/were-increasing-bounties-in-our-bug-bounty-program",{"title":4270,"description":4271,"ogTitle":4270,"ogDescription":4271,"noIndex":6,"ogImage":4272,"ogUrl":4273,"ogSiteName":918,"ogType":919,"canonicalUrls":4273,"schema":4274},"We are increasing bounties in our bug bounty program","We're now offering higher bounties for critical and high severity reports.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749672689/Blog/Hero%20Images/banter-snaps-REyoFHP9pw8-unsplash.jpg","https://about.gitlab.com/blog/were-increasing-bounties-in-our-bug-bounty-program","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"We are increasing bounties in our bug bounty program\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2019-11-18\",\n }",{"title":4270,"description":4271,"authors":4276,"heroImage":4272,"date":4277,"category":14,"tags":4278},[2744],"2019-11-18",[14,1041],{"slug":4280,"featured":6,"template":728},"were-increasing-bounties-in-our-bug-bounty-program","content:en-us:blog:were-increasing-bounties-in-our-bug-bounty-program.yml","Were Increasing Bounties In Our Bug Bounty Program","en-us/blog/were-increasing-bounties-in-our-bug-bounty-program.yml","en-us/blog/were-increasing-bounties-in-our-bug-bounty-program",{"_path":4286,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4287,"content":4293,"config":4297,"_id":4299,"_type":16,"title":4300,"_source":17,"_file":4301,"_stem":4302,"_extension":20},"/en-us/blog/zero-trust-at-gitlab-where-do-we-go-from-here",{"title":4288,"description":4289,"ogTitle":4288,"ogDescription":4289,"noIndex":6,"ogImage":4290,"ogUrl":4291,"ogSiteName":918,"ogType":919,"canonicalUrls":4291,"schema":4292},"Zero Trust at GitLab: Where do we go from here?","We take a look back at how far we've come in our ZTN implementation, and at the progress we still need to make.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679704/Blog/Hero%20Images/puria-berenji-Dyi1K2atCRw-unsplash.jpg","https://about.gitlab.com/blog/zero-trust-at-gitlab-where-do-we-go-from-here","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Zero Trust at GitLab: Where do we go from here?\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2019-10-15\",\n }",{"title":4288,"description":4289,"authors":4294,"heroImage":4290,"date":4295,"category":14,"tags":4296},[1747],"2019-10-15",[839,14,1881],{"slug":4298,"featured":6,"template":728},"zero-trust-at-gitlab-where-do-we-go-from-here","content:en-us:blog:zero-trust-at-gitlab-where-do-we-go-from-here.yml","Zero Trust At Gitlab Where Do We Go From Here","en-us/blog/zero-trust-at-gitlab-where-do-we-go-from-here.yml","en-us/blog/zero-trust-at-gitlab-where-do-we-go-from-here",{"_path":4304,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4305,"content":4311,"config":4315,"_id":4317,"_type":16,"title":4318,"_source":17,"_file":4319,"_stem":4320,"_extension":20},"/en-us/blog/zero-trust-at-gitlab-implementation-challenges",{"title":4306,"description":4307,"ogTitle":4306,"ogDescription":4307,"noIndex":6,"ogImage":4308,"ogUrl":4309,"ogSiteName":918,"ogType":919,"canonicalUrls":4309,"schema":4310},"Zero Trust at GitLab: Implementation challenges (and a few solutions)","Implementing change in an already working environment always brings its fair share of growing pains. What happens when that change is Zero Trust?","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749665982/Blog/Hero%20Images/jpvalery-9pLx0sLli4unsplash.jpg","https://about.gitlab.com/blog/zero-trust-at-gitlab-implementation-challenges","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Zero Trust at GitLab: Implementation challenges (and a few solutions)\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2019-10-02\",\n }",{"title":4306,"description":4307,"authors":4312,"heroImage":4308,"date":4313,"category":14,"tags":4314},[1747],"2019-10-02",[839,14,1881],{"slug":4316,"featured":6,"template":728},"zero-trust-at-gitlab-implementation-challenges","content:en-us:blog:zero-trust-at-gitlab-implementation-challenges.yml","Zero Trust At Gitlab Implementation Challenges","en-us/blog/zero-trust-at-gitlab-implementation-challenges.yml","en-us/blog/zero-trust-at-gitlab-implementation-challenges",{"_path":4322,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4323,"content":4329,"config":4334,"_id":4336,"_type":16,"title":4337,"_source":17,"_file":4338,"_stem":4339,"_extension":20},"/en-us/blog/reducing-time-to-payout-and-launching-a-bug-bounty-anniversary-contest",{"title":4324,"description":4325,"ogTitle":4324,"ogDescription":4325,"noIndex":6,"ogImage":4326,"ogUrl":4327,"ogSiteName":918,"ogType":919,"canonicalUrls":4327,"schema":4328},"GitLab speeds up bug bounty payouts, launches new contest","You talked. We listened. Quicker bug bounty payouts and we're holding a contest for our hackers!","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749678574/Blog/Hero%20Images/art-backlight-blur-249203.jpg","https://about.gitlab.com/blog/reducing-time-to-payout-and-launching-a-bug-bounty-anniversary-contest","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Why we're reducing the time to payout and launching a bug bounty anniversary contest\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Dennis Appelt\"}],\n \"datePublished\": \"2019-09-24\",\n }",{"title":4330,"description":4325,"authors":4331,"heroImage":4326,"date":4332,"category":14,"tags":4333},"Why we're reducing the time to payout and launching a bug bounty anniversary contest",[2045],"2019-09-24",[268,14,839,1041],{"slug":4335,"featured":6,"template":728},"reducing-time-to-payout-and-launching-a-bug-bounty-anniversary-contest","content:en-us:blog:reducing-time-to-payout-and-launching-a-bug-bounty-anniversary-contest.yml","Reducing Time To Payout And Launching A Bug Bounty Anniversary Contest","en-us/blog/reducing-time-to-payout-and-launching-a-bug-bounty-anniversary-contest.yml","en-us/blog/reducing-time-to-payout-and-launching-a-bug-bounty-anniversary-contest",{"_path":4341,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4342,"content":4348,"config":4353,"_id":4355,"_type":16,"title":4356,"_source":17,"_file":4357,"_stem":4358,"_extension":20},"/en-us/blog/zero-trust-at-gitlab-data-zones-and-authentication-scoring",{"title":4343,"description":4344,"ogTitle":4343,"ogDescription":4344,"noIndex":6,"ogImage":4345,"ogUrl":4346,"ogSiteName":918,"ogType":919,"canonicalUrls":4346,"schema":4347},"Zero Trust at GitLab: Data zones & authentication scoring","How we're defining and aligning data zones in our Zero Trust implementation.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749680808/Blog/Hero%20Images/fabio-oyXis2kALVg-unsplash.png","https://about.gitlab.com/blog/zero-trust-at-gitlab-data-zones-and-authentication-scoring","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Zero Trust at GitLab: Mitigating challenges with data zones and authentication scoring\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2019-09-06\",\n }",{"title":4349,"description":4344,"authors":4350,"heroImage":4345,"date":4351,"category":14,"tags":4352},"Zero Trust at GitLab: Mitigating challenges with data zones and authentication scoring",[1747],"2019-09-06",[839,14,1881],{"slug":4354,"featured":6,"template":728},"zero-trust-at-gitlab-data-zones-and-authentication-scoring","content:en-us:blog:zero-trust-at-gitlab-data-zones-and-authentication-scoring.yml","Zero Trust At Gitlab Data Zones And Authentication Scoring","en-us/blog/zero-trust-at-gitlab-data-zones-and-authentication-scoring.yml","en-us/blog/zero-trust-at-gitlab-data-zones-and-authentication-scoring",{"_path":4360,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4361,"content":4367,"config":4371,"_id":4373,"_type":16,"title":4374,"_source":17,"_file":4375,"_stem":4376,"_extension":20},"/en-us/blog/zero-trust-at-gitlab-the-data-classification-and-infrastructure-challenge",{"title":4362,"description":4363,"ogTitle":4362,"ogDescription":4363,"noIndex":6,"ogImage":4364,"ogUrl":4365,"ogSiteName":918,"ogType":919,"canonicalUrls":4365,"schema":4366},"Zero Trust at GitLab: The data classification and infrastructure challenge","The classification of data is a huge step in the right direction when it comes to handling Zero Trust, but it comes with its own set of challenges.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679055/Blog/Hero%20Images/close-up-colorful-colors-40799.jpg","https://about.gitlab.com/blog/zero-trust-at-gitlab-the-data-classification-and-infrastructure-challenge","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Zero Trust at GitLab: The data classification and infrastructure challenge\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2019-08-21\",\n }",{"title":4362,"description":4363,"authors":4368,"heroImage":4364,"date":4369,"category":14,"tags":4370},[1747],"2019-08-21",[839,14,1881],{"slug":4372,"featured":6,"template":728},"zero-trust-at-gitlab-the-data-classification-and-infrastructure-challenge","content:en-us:blog:zero-trust-at-gitlab-the-data-classification-and-infrastructure-challenge.yml","Zero Trust At Gitlab The Data Classification And Infrastructure Challenge","en-us/blog/zero-trust-at-gitlab-the-data-classification-and-infrastructure-challenge.yml","en-us/blog/zero-trust-at-gitlab-the-data-classification-and-infrastructure-challenge",{"_path":4378,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4379,"content":4385,"config":4391,"_id":4393,"_type":16,"title":4394,"_source":17,"_file":4395,"_stem":4396,"_extension":20},"/en-us/blog/american-fuzzy-lop-on-gitlab",{"title":4380,"description":4381,"ogTitle":4380,"ogDescription":4381,"noIndex":6,"ogImage":4382,"ogUrl":4383,"ogSiteName":918,"ogType":919,"canonicalUrls":4383,"schema":4384},"GitLab automates instrumented fuzzing via American Fuzzy Lop","An example of how to automate instrumented fuzzing with American Fuzzy Lop using pipelines.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749680723/Blog/Hero%20Images/aerial-shot-birds-eye-view.jpg","https://about.gitlab.com/blog/american-fuzzy-lop-on-gitlab","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"American Fuzzy Lop on GitLab: Automating instrumented fuzzing using pipelines\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Luka Trbojevic\"}],\n \"datePublished\": \"2019-08-14\",\n }",{"title":4386,"description":4381,"authors":4387,"heroImage":4382,"date":4389,"category":14,"tags":4390},"American Fuzzy Lop on GitLab: Automating instrumented fuzzing using pipelines",[4388],"Luka Trbojevic","2019-08-14",[839,14],{"slug":4392,"featured":6,"template":728},"american-fuzzy-lop-on-gitlab","content:en-us:blog:american-fuzzy-lop-on-gitlab.yml","American Fuzzy Lop On Gitlab","en-us/blog/american-fuzzy-lop-on-gitlab.yml","en-us/blog/american-fuzzy-lop-on-gitlab",{"_path":4398,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4399,"content":4405,"config":4409,"_id":4411,"_type":16,"title":4412,"_source":17,"_file":4413,"_stem":4414,"_extension":20},"/en-us/blog/zero-trust-at-gitlab-problems-goals-challenges",{"title":4400,"description":4401,"ogTitle":4400,"ogDescription":4401,"noIndex":6,"ogImage":4402,"ogUrl":4403,"ogSiteName":918,"ogType":919,"canonicalUrls":4403,"schema":4404},"Zero Trust at GitLab: Problems, goals, and coming challenges","We map out our Zero Trust goals, the challenges we expect to encounter along the way, and how we plan to address them.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749680704/Blog/Hero%20Images/beasty-ztblog-unsplash.jpg","https://about.gitlab.com/blog/zero-trust-at-gitlab-problems-goals-challenges","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Zero Trust at GitLab: Problems, goals, and coming challenges\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2019-08-09\",\n }",{"title":4400,"description":4401,"authors":4406,"heroImage":4402,"date":4407,"category":14,"tags":4408},[1747],"2019-08-09",[839,14,1881],{"slug":4410,"featured":6,"template":728},"zero-trust-at-gitlab-problems-goals-challenges","content:en-us:blog:zero-trust-at-gitlab-problems-goals-challenges.yml","Zero Trust At Gitlab Problems Goals Challenges","en-us/blog/zero-trust-at-gitlab-problems-goals-challenges.yml","en-us/blog/zero-trust-at-gitlab-problems-goals-challenges",{"_path":4416,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4417,"content":4422,"config":4427,"_id":4429,"_type":16,"title":4430,"_source":17,"_file":4431,"_stem":4432,"_extension":20},"/en-us/blog/what-we-learned-by-taking-our-bug-bounty-program-public",{"title":4418,"description":4419,"ogTitle":4418,"ogDescription":4419,"noIndex":6,"ogImage":2569,"ogUrl":4420,"ogSiteName":918,"ogType":919,"canonicalUrls":4420,"schema":4421},"What we learned by taking our bug bounty program public","Six months into our public bug bounty program, we're taking stock of what's working and where we can make improvements.","https://about.gitlab.com/blog/what-we-learned-by-taking-our-bug-bounty-program-public","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"What we learned by taking our bug bounty program public\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Ethan Strike\"}],\n \"datePublished\": \"2019-07-19\",\n }",{"title":4418,"description":4419,"authors":4423,"heroImage":2569,"date":4425,"category":14,"tags":4426},[4424],"Ethan Strike","2019-07-19",[268,14,839,1041],{"slug":4428,"featured":6,"template":728},"what-we-learned-by-taking-our-bug-bounty-program-public","content:en-us:blog:what-we-learned-by-taking-our-bug-bounty-program-public.yml","What We Learned By Taking Our Bug Bounty Program Public","en-us/blog/what-we-learned-by-taking-our-bug-bounty-program-public.yml","en-us/blog/what-we-learned-by-taking-our-bug-bounty-program-public",{"_path":4434,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4435,"content":4441,"config":4447,"_id":4449,"_type":16,"title":4450,"_source":17,"_file":4451,"_stem":4452,"_extension":20},"/en-us/blog/creating-the-gitlab-controls-framework",{"title":4436,"description":4437,"ogTitle":4436,"ogDescription":4437,"noIndex":6,"ogImage":4438,"ogUrl":4439,"ogSiteName":918,"ogType":919,"canonicalUrls":4439,"schema":4440},"Adobe CCF becomes GitLab's open source control framework","We've implemented and adapted an open source compliance framework. Now we're sharing our process and tools so you can adapt and customize it too.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749683200/Blog/Hero%20Images/geraldo-stanislas-unsplash.jpg","https://about.gitlab.com/blog/creating-the-gitlab-controls-framework","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Turning the Adobe CCF into the GitLab Control Framework (it's all open source!)\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Jeff Burrows\"}],\n \"datePublished\": \"2019-07-10\",\n }",{"title":4442,"description":4437,"authors":4443,"heroImage":4438,"date":4445,"category":14,"tags":4446},"Turning the Adobe CCF into the GitLab Control Framework (it's all open source!)",[4444],"Jeff Burrows","2019-07-10",[1096,14],{"slug":4448,"featured":6,"template":728},"creating-the-gitlab-controls-framework","content:en-us:blog:creating-the-gitlab-controls-framework.yml","Creating The Gitlab Controls Framework","en-us/blog/creating-the-gitlab-controls-framework.yml","en-us/blog/creating-the-gitlab-controls-framework",{"_path":4454,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4455,"content":4461,"config":4465,"_id":4467,"_type":16,"title":4468,"_source":17,"_file":4469,"_stem":4470,"_extension":20},"/en-us/blog/ask-gitlab-security-alexander-dietrich",{"title":4456,"description":4457,"ogTitle":4456,"ogDescription":4457,"noIndex":6,"ogImage":4458,"ogUrl":4459,"ogSiteName":918,"ogType":919,"canonicalUrls":4459,"schema":4460},"Ask GitLab Security: Alexander Dietrich","What are the challenges and rewards of working security for a growing, cloud native company? We grill one of our senior security engineers.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749679726/Blog/Hero%20Images/ask-security-cover.png","https://about.gitlab.com/blog/ask-gitlab-security-alexander-dietrich","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Ask GitLab Security: Alexander Dietrich\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2019-06-26\",\n }",{"title":4456,"description":4457,"authors":4462,"heroImage":4458,"date":4463,"category":14,"tags":4464},[2744],"2019-06-26",[3818,839,14,14],{"slug":4466,"featured":6,"template":728},"ask-gitlab-security-alexander-dietrich","content:en-us:blog:ask-gitlab-security-alexander-dietrich.yml","Ask Gitlab Security Alexander Dietrich","en-us/blog/ask-gitlab-security-alexander-dietrich.yml","en-us/blog/ask-gitlab-security-alexander-dietrich",{"_path":4472,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4473,"content":4478,"config":4482,"_id":4484,"_type":16,"title":4485,"_source":17,"_file":4486,"_stem":4487,"_extension":20},"/en-us/blog/ask-gitlab-security-roger-ostrander",{"title":4474,"description":4475,"ogTitle":4474,"ogDescription":4475,"noIndex":6,"ogImage":4458,"ogUrl":4476,"ogSiteName":918,"ogType":919,"canonicalUrls":4476,"schema":4477},"Ask GitLab Security: Roger Ostrander","What’s it like working day and night to kill spam, Bitcoin mining, malware and more? Meet our security team.","https://about.gitlab.com/blog/ask-gitlab-security-roger-ostrander","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Ask GitLab Security: Roger Ostrander\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2019-06-14\",\n }",{"title":4474,"description":4475,"authors":4479,"heroImage":4458,"date":4480,"category":14,"tags":4481},[2744],"2019-06-14",[3818,839,14,14],{"slug":4483,"featured":6,"template":728},"ask-gitlab-security-roger-ostrander","content:en-us:blog:ask-gitlab-security-roger-ostrander.yml","Ask Gitlab Security Roger Ostrander","en-us/blog/ask-gitlab-security-roger-ostrander.yml","en-us/blog/ask-gitlab-security-roger-ostrander",{"_path":4489,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4490,"content":4496,"config":4500,"_id":4502,"_type":16,"title":4503,"_source":17,"_file":4504,"_stem":4505,"_extension":20},"/en-us/blog/when-technology-outpaces-security-compliance",{"title":4491,"description":4492,"ogTitle":4491,"ogDescription":4492,"noIndex":6,"ogImage":4493,"ogUrl":4494,"ogSiteName":918,"ogType":919,"canonicalUrls":4494,"schema":4495},"When technology outpaces security compliance","Where does today's tech transformation leave tomorrow's security compliance? A senior security analyst tackles the question.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749678968/Blog/Hero%20Images/signpost-sunset.jpg","https://about.gitlab.com/blog/when-technology-outpaces-security-compliance","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"When technology outpaces security compliance\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Luka Trbojevic\"}],\n \"datePublished\": \"2019-06-10\",\n }",{"title":4491,"description":4492,"authors":4497,"heroImage":4493,"date":4498,"category":14,"tags":4499},[4388],"2019-06-10",[14],{"slug":4501,"featured":6,"template":728},"when-technology-outpaces-security-compliance","content:en-us:blog:when-technology-outpaces-security-compliance.yml","When Technology Outpaces Security Compliance","en-us/blog/when-technology-outpaces-security-compliance.yml","en-us/blog/when-technology-outpaces-security-compliance",{"_path":4507,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4508,"content":4513,"config":4517,"_id":4519,"_type":16,"title":4520,"_source":17,"_file":4521,"_stem":4522,"_extension":20},"/en-us/blog/ask-gitlab-security-paul-harrison",{"title":4509,"description":4510,"ogTitle":4509,"ogDescription":4510,"noIndex":6,"ogImage":4458,"ogUrl":4511,"ogSiteName":918,"ogType":919,"canonicalUrls":4511,"schema":4512},"Ask GitLab Security: Paul Harrison","What’s it like working to secure one of the most transparent organizations in the world? Meet our security team.","https://about.gitlab.com/blog/ask-gitlab-security-paul-harrison","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Ask GitLab Security: Paul Harrison\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Heather Simpson\"}],\n \"datePublished\": \"2019-05-31\",\n }",{"title":4509,"description":4510,"authors":4514,"heroImage":4458,"date":4515,"category":14,"tags":4516},[2744],"2019-05-31",[3818,839,14,14],{"slug":4518,"featured":6,"template":728},"ask-gitlab-security-paul-harrison","content:en-us:blog:ask-gitlab-security-paul-harrison.yml","Ask Gitlab Security Paul Harrison","en-us/blog/ask-gitlab-security-paul-harrison.yml","en-us/blog/ask-gitlab-security-paul-harrison",{"_path":4524,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4525,"content":4531,"config":4535,"_id":4537,"_type":16,"title":4538,"_source":17,"_file":4539,"_stem":4540,"_extension":20},"/en-us/blog/choosing-a-compliance-framework",{"title":4526,"description":4527,"ogTitle":4526,"ogDescription":4527,"noIndex":6,"ogImage":4528,"ogUrl":4529,"ogSiteName":918,"ogType":919,"canonicalUrls":4529,"schema":4530},"How GitLab went about choosing the right compliance framework","Independent vs aggregate? Determining the most effective security controls approach for any organization has many considerations.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749680591/Blog/Hero%20Images/compliance-frameworks.jpg","https://about.gitlab.com/blog/choosing-a-compliance-framework","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"How GitLab went about choosing the right compliance framework\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Jeff Burrows\"}],\n \"datePublished\": \"2019-05-07\",\n }",{"title":4526,"description":4527,"authors":4532,"heroImage":4528,"date":4533,"category":14,"tags":4534},[4444],"2019-05-07",[780,839,14],{"slug":4536,"featured":6,"template":728},"choosing-a-compliance-framework","content:en-us:blog:choosing-a-compliance-framework.yml","Choosing A Compliance Framework","en-us/blog/choosing-a-compliance-framework.yml","en-us/blog/choosing-a-compliance-framework",{"_path":4542,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4543,"content":4548,"config":4553,"_id":4555,"_type":16,"title":4556,"_source":17,"_file":4557,"_stem":4558,"_extension":20},"/en-us/blog/inside-the-gitlab-public-bug-bounty-program",{"title":4544,"description":4545,"ogTitle":4544,"ogDescription":4545,"noIndex":6,"ogImage":2569,"ogUrl":4546,"ogSiteName":918,"ogType":919,"canonicalUrls":4546,"schema":4547},"Inside the GitLab public bug bounty program","Four months since going public with our bug bounty program, we dive into where we’re at, what success looks like, and what to expect down the road.","https://about.gitlab.com/blog/inside-the-gitlab-public-bug-bounty-program","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Inside the GitLab public bug bounty program\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Kathy Wang\"}],\n \"datePublished\": \"2019-04-29\",\n }",{"title":4544,"description":4545,"authors":4549,"heroImage":2569,"date":4551,"category":14,"tags":4552},[4550],"Kathy Wang","2019-04-29",[268,14,1096,1041],{"slug":4554,"featured":6,"template":728},"inside-the-gitlab-public-bug-bounty-program","content:en-us:blog:inside-the-gitlab-public-bug-bounty-program.yml","Inside The Gitlab Public Bug Bounty Program","en-us/blog/inside-the-gitlab-public-bug-bounty-program.yml","en-us/blog/inside-the-gitlab-public-bug-bounty-program",{"_path":4560,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4561,"content":4566,"config":4571,"_id":4573,"_type":16,"title":4574,"_source":17,"_file":4575,"_stem":4576,"_extension":20},"/en-us/blog/agile-iteration-unique-onboarding-experience",{"title":4562,"description":4563,"ogTitle":4562,"ogDescription":4563,"noIndex":6,"ogImage":2314,"ogUrl":4564,"ogSiteName":918,"ogType":919,"canonicalUrls":4564,"schema":4565},"Agile iteration: My unique onboarding experience at GitLab","How I learned to iterate quickly during my first week at GitLab.","https://about.gitlab.com/blog/agile-iteration-unique-onboarding-experience","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Agile iteration: My unique onboarding experience at GitLab\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Michael Fahey\"}],\n \"datePublished\": \"2019-04-26\",\n }",{"title":4562,"description":4563,"authors":4567,"heroImage":2314,"date":4569,"category":14,"tags":4570},[4568],"Michael Fahey","2019-04-26",[839,14],{"slug":4572,"featured":6,"template":728},"agile-iteration-unique-onboarding-experience","content:en-us:blog:agile-iteration-unique-onboarding-experience.yml","Agile Iteration Unique Onboarding Experience","en-us/blog/agile-iteration-unique-onboarding-experience.yml","en-us/blog/agile-iteration-unique-onboarding-experience",{"_path":4578,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4579,"content":4585,"config":4589,"_id":4591,"_type":16,"title":4592,"_source":17,"_file":4593,"_stem":4594,"_extension":20},"/en-us/blog/gitlab-security-tools-and-the-hipaa-risk-analysis",{"title":4580,"description":4581,"ogTitle":4580,"ogDescription":4581,"noIndex":6,"ogImage":4582,"ogUrl":4583,"ogSiteName":918,"ogType":919,"canonicalUrls":4583,"schema":4584},"GitLab's security tools and the HIPAA risk analysis","A closer look at GitLab’s security scanning tools and the HIPAA risk analysis.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749680548/Blog/Hero%20Images/gitlab-security-and-hipaa-risk-analysis.jpg","https://about.gitlab.com/blog/gitlab-security-tools-and-the-hipaa-risk-analysis","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"GitLab's security tools and the HIPAA risk analysis\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Luka Trbojevic\"}],\n \"datePublished\": \"2019-04-10\",\n }",{"title":4580,"description":4581,"authors":4586,"heroImage":4582,"date":4587,"category":14,"tags":4588},[4388],"2019-04-10",[14,743,965],{"slug":4590,"featured":6,"template":728},"gitlab-security-tools-and-the-hipaa-risk-analysis","content:en-us:blog:gitlab-security-tools-and-the-hipaa-risk-analysis.yml","Gitlab Security Tools And The Hipaa Risk Analysis","en-us/blog/gitlab-security-tools-and-the-hipaa-risk-analysis.yml","en-us/blog/gitlab-security-tools-and-the-hipaa-risk-analysis",{"_path":4596,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4597,"content":4602,"config":4605,"_id":4607,"_type":16,"title":4598,"_source":17,"_file":4608,"_stem":4609,"_extension":20},"/en-us/blog/group-runner-registration-token-vulnerability",{"title":4598,"description":4599,"ogTitle":4598,"ogDescription":4599,"noIndex":6,"ogImage":2314,"ogUrl":4600,"ogSiteName":918,"ogType":919,"canonicalUrls":4600,"schema":4601},"Group Runner Registration Token Vulnerability","How we responded to a vulnerability in group runner registration tokens.","https://about.gitlab.com/blog/group-runner-registration-token-vulnerability","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"Group Runner Registration Token Vulnerability\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Kathy Wang\"}],\n \"datePublished\": \"2019-04-10\",\n }",{"title":4598,"description":4599,"authors":4603,"heroImage":2314,"date":4587,"category":14,"tags":4604},[4550],[14],{"slug":4606,"featured":6,"template":728},"group-runner-registration-token-vulnerability","content:en-us:blog:group-runner-registration-token-vulnerability.yml","en-us/blog/group-runner-registration-token-vulnerability.yml","en-us/blog/group-runner-registration-token-vulnerability",{"_path":4611,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4612,"content":4618,"config":4622,"_id":4624,"_type":16,"title":4625,"_source":17,"_file":4626,"_stem":4627,"_extension":20},"/en-us/blog/evolution-of-zero-trust",{"title":4613,"description":4614,"ogTitle":4613,"ogDescription":4614,"noIndex":6,"ogImage":4615,"ogUrl":4616,"ogSiteName":918,"ogType":919,"canonicalUrls":4616,"schema":4617},"The evolution of Zero Trust","Zero Trust may be one of the hottest topics in security today, but it's not exactly new. Here's a history.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664096/Blog/Hero%20Images/evolution-of-zero-trust.jpg","https://about.gitlab.com/blog/evolution-of-zero-trust","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"The evolution of Zero Trust\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Mark Loveless\"}],\n \"datePublished\": \"2019-04-01\",\n }",{"title":4613,"description":4614,"authors":4619,"heroImage":4615,"date":4620,"category":14,"tags":4621},[1747],"2019-04-01",[839,14,1881],{"slug":4623,"featured":6,"template":728},"evolution-of-zero-trust","content:en-us:blog:evolution-of-zero-trust.yml","Evolution Of Zero Trust","en-us/blog/evolution-of-zero-trust.yml","en-us/blog/evolution-of-zero-trust",{"_path":4629,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4630,"content":4635,"config":4640,"_id":4642,"_type":16,"title":4643,"_source":17,"_file":4644,"_stem":4645,"_extension":20},"/en-us/blog/security-incident-runner-registration-token",{"title":4631,"description":4632,"ogTitle":4631,"ogDescription":4632,"noIndex":6,"ogImage":3296,"ogUrl":4633,"ogSiteName":918,"ogType":919,"canonicalUrls":4633,"schema":4634},"Project runner registration token security update","How we responded to a vulnerability in quick actions for issues that can expose project runner registration tokens to unauthorized users.","https://about.gitlab.com/blog/security-incident-runner-registration-token","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"An update on project runner registration token exposed through issues quick actions vulnerability\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Kathy Wang\"}],\n \"datePublished\": \"2019-03-25\",\n }",{"title":4636,"description":4632,"authors":4637,"heroImage":3296,"date":4638,"category":14,"tags":4639},"An update on project runner registration token exposed through issues quick actions vulnerability",[4550],"2019-03-25",[14],{"slug":4641,"featured":6,"template":728},"security-incident-runner-registration-token","content:en-us:blog:security-incident-runner-registration-token.yml","Security Incident Runner Registration Token","en-us/blog/security-incident-runner-registration-token.yml","en-us/blog/security-incident-runner-registration-token",{"_path":4647,"_dir":245,"_draft":6,"_partial":6,"_locale":7,"seo":4648,"content":4654,"config":4660,"_id":4662,"_type":16,"title":4663,"_source":17,"_file":4664,"_stem":4665,"_extension":20},"/en-us/blog/a-deep-dive-into-the-security-analyst-persona",{"title":4649,"description":4650,"ogTitle":4649,"ogDescription":4650,"noIndex":6,"ogImage":4651,"ogUrl":4652,"ogSiteName":918,"ogType":919,"canonicalUrls":4652,"schema":4653},"A deep dive into the Security Analyst persona","See how we created our new Security Analyst persona, and how we are already putting it to use.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663736/Blog/Hero%20Images/a-deep-dive-into-the-security-analyst-persona.jpg","https://about.gitlab.com/blog/a-deep-dive-into-the-security-analyst-persona","\n {\n \"@context\": \"https://schema.org\",\n \"@type\": \"Article\",\n \"headline\": \"A deep dive into the Security Analyst persona\",\n \"author\": [{\"@type\":\"Person\",\"name\":\"Andy Volpe\"}],\n \"datePublished\": \"2019-02-12\",\n }",{"title":4649,"description":4650,"authors":4655,"heroImage":4651,"date":4657,"category":14,"tags":4658},[4656],"Andy Volpe","2019-02-12",[764,839,14,4659,965],"UX",{"slug":4661,"featured":6,"template":728},"a-deep-dive-into-the-security-analyst-persona","content:en-us:blog:a-deep-dive-into-the-security-analyst-persona.yml","A Deep Dive Into The Security Analyst Persona","en-us/blog/a-deep-dive-into-the-security-analyst-persona.yml","en-us/blog/a-deep-dive-into-the-security-analyst-persona",{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"seo":4667,"content":4668,"config":4669,"_id":15,"_type":16,"title":9,"_source":17,"_file":18,"_stem":19,"_extension":20},{"title":9,"description":10},{"name":9},{"template":13,"slug":14,"hide":6},1761814415611]