[{"data":1,"prerenderedAt":1211},["ShallowReactive",2],{"/en-us/the-source/security/why-legacy-code-is-a-security-risk-and-how-ai-can-help":3,"footer-en-us":50,"the-source-banner-en-us":393,"the-source-navigation-en-us":405,"article-site-categories-en-us":433,"the-source-newsletter-en-us":435,"footer-source-/en-us/the-source/security/why-legacy-code-is-a-security-risk-and-how-ai-can-help/":446,"why-legacy-code-is-a-security-risk-and-how-ai-can-help-article-hero-category-en-us":457,"why-legacy-code-is-a-security-risk-and-how-ai-can-help-the-source-source-cta-en-us":481,"why-legacy-code-is-a-security-risk-and-how-ai-can-help-category-en-us":496,"why-legacy-code-is-a-security-risk-and-how-ai-can-help-the-source-resources-en-us":508,"why-legacy-code-is-a-security-risk-and-how-ai-can-help-article-hero-author-en-us":548},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"config":8,"seo":13,"content":17,"type":41,"slug":42,"category":5,"_id":43,"_type":44,"title":45,"_source":46,"_file":47,"_stem":48,"_extension":49},"/en-us/the-source/security/why-legacy-code-is-a-security-risk-and-how-ai-can-help","security",false,"",{"layout":9,"template":10,"author":11,"featured":6,"sourceCTA":12},"the-source","TheSourceArticle","joel-krooswyk","source-lp-how-a-devsecops-platform-drives-business-success-the-complete-guide",{"title":14,"description":15,"ogImage":16},"Why legacy code is a security risk — and how AI can help","Explore how AI-powered code refactoring can modernize legacy systems, enhance your security protocols, and propel your organization into the future.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463670/cdynzww9p2annh3mmbhl.png",{"title":14,"date":18,"description":15,"timeToRead":19,"heroImage":16,"keyTakeaways":20,"articleBody":24,"faq":25},"2025-01-15","6 min read",[21,22,23],"Legacy code is expensive and time-consuming to maintain and, if not compatible with the latest security tools, it can be a serious liability for organizations across industries.","Code refactoring is a strategy that can help make code more readable — improving the stability of the code base as well as the productivity and efficiency of developers.","Together with preventative security tools, AI-powered code refactoring can help teams modernize their legacy code while reducing their risk of security vulnerabilities in the process.","Today’s rapid acceleration of technology is exciting. It means new products and opportunities for growth and innovation are around every corner. And yet this speed of growth and change has its downsides, especially regarding security: just one bad actor can cause massive business disruption, reputation damage, and lost revenue.\n\nYou have likely heard industry leaders talk about their need for digital transformation and the worrisome dependency on outdated or “legacy” systems. While legacy code is not inherently problematic, it often isn’t compatible with modern security tools, leading to exploitable vulnerabilities. Coupled with open source code - which requires ongoing security vigilance - your code base may be putting your organization’s data, users, and reputation at risk.\n\nLegacy code is risky from a security and compliance perspective, and it’s also expensive and time-consuming for developers to maintain - if developers on your team even have the legacy knowledge to do the work.\n\nUltimately, this industry-wide reliance on legacy code is a concerning and costly practice. So, how do we work our way out of it?\n\nBelow, I’ll explore legacy code and how organizations can increase the security of their code base with AI-powered code refactoring. Together with AI-driven testing and security capabilities, code refactoring will propel your codebase into the future while empowering your whole team to look ahead, not behind.\n\n## What is legacy code?\n\nBroadly, legacy code refers to an existing code base that a team inherits from previous team members and continues to use and maintain. The code might work just fine, but several different developers have likely modified it over the years. The current team might struggle to identify which modifications are valuable and which are not. Additionally, the code might be written using an outdated framework or in a programming language that no one on the team knows (whether it’s simply old or completely obsolete).\n\nIt might seem strange that companies still rely on legacy code. While the reasons can vary, think of it like this: You live in an old house. It's cozy and familiar, but the plumbing's unreliable, the wiring is outdated, and every time you fix one thing, something else breaks. Sure, you could remodel, but that means a huge upheaval – contractors, permits, living in chaos for months, and costs that can spiral out of control.\n\nSo, you keep patching things up, hoping for the best. It's not ideal, but it works - for now. That's kind of what it's like with legacy code. It's the familiar, “working” solution, even if it's creaky and inefficient. Rewriting it from scratch is a daunting prospect with its own risks and costs. Plus, who has time for a massive overhaul when there are new features to build and urgent bugs to fix?\n\nWhen it comes to updating code, many companies decide to keep their legacy code because maintaining it can be less disruptive in the short term. Updating code involves a lot of developing and testing code. It can also involve training a team to ensure they have the skills to work with the outdated code language or framework. If there isn’t any documentation, it can be even more challenging to navigate.\n\n## What’s the problem with legacy code?\n\nIf your organization does decide to stick with your legacy code - and many do - you’re opening yourself up to a host of potential issues. Since this code wasn’t designed for newer tech, you might not be able to integrate it with the latest and greatest software (like AI tools, for example), which could also impact the performance and scalability of your products. This can hold you back and impact customer experience down the line.\n\nWhat’s most concerning about legacy code, whether it was written five years ago or 50, is that there may be no security scanners that work for this code. That means you can’t detect problems on your own while making updates. Moreover, developers making these updates may not understand the language or its structure well and might even accidentally create vulnerable code in the process. Finally, older applications are commonly written in C or C++, which are memory unsafe languages - proven to host [70% of identified vulnerabilities](https://www.cisa.gov/news-events/news/urgent-need-memory-safety-software-products).\n\nThese three issues - the fact that there may be no way to secure legacy code, there are fewer ways to safely update it, and that the end result is far more likely to be vulnerable - should be warning signs for organizations across industries.\n\nIn developing a catalog of bad practices that can put critical infrastructure at risk, the U.S. [Cybersecurity and Infrastructure Security Agency](https://www.cisa.gov/stopransomware/bad-practices) added the following:\n\n“Use of unsupported (or end-of-life) software in service of Critical Infrastructure and National Critical Functions is dangerous and significantly elevates risk to national security, national economic security, and national public health and safety. This dangerous practice is especially egregious in technologies accessible from the Internet.”\n\nEven if you aren’t working in national security or for national public health and safety, this warning is still applicable: Using old code is not a best practice. It’s a bad one.\n\n## The solution: Code refactoring\n\nAccording to software developer and author [Martin Fowler](https://www.martinfowler.com/), “Refactoring is a controlled technique for improving the design of an existing code base, a disciplined technique for restructuring an existing body of code, altering its internal structure without changing its external behavior.”\n\nIn other words, code refactoring allows you to secure and modernize your legacy code without obscuring its original functionality.\n\nThere are many refactoring techniques - from inline refactoring, which involves simplifying code by removing obsolete elements, to refactoring by abstraction, where duplicate code is deleted. What’s important to know is that code refactoring requires time and significant developer skills to do well. It also requires a lot of testing when developers are already busy working on other tasks.\n\nSo, while code refactoring is certainly the answer to bringing your legacy code into the future, making it readable, efficient, and secure, it is a project in and of itself, especially at scale.\n\n## How AI can help\n\nWe know that AI is already accelerating the software development lifecycle - and there’s a lot that [AI can do to help teams accelerate the refactoring process](https://about.gitlab.com/blog/refactor-code-into-modern-languages-with-ai-powered-gitlab-duo/), too. For example, tools like [GitLab Duo](https://about.gitlab.com/blog/gitlab-duo-chat-now-generally-available/) can help explain existing code and create new code, two of the biggest hurdles when modernizing legacy code. If a developer isn’t familiar with a language, AI can help fill in the blanks. Regarding testing and security, AI can also [analyze root causes, generate tests](https://about.gitlab.com/blog/developing-gitlab-duo-blending-ai-and-root-cause-analysis-to-fix-ci-cd/), and [help developers remediate vulnerabilities](https://about.gitlab.com/the-source/ai/understand-and-resolve-vulnerabilities-with-ai-powered-gitlab-duo/). With AI in your toolkit, code refactoring can finally be more accessible and achievable for organizations, so they can move this project off their backlog for good.\n\nAccording to [our research](https://about.gitlab.com/developer-survey/2024/ai/), 34% of all respondents using AI across the software development lifecycle already use AI to modernize legacy code. This is even higher in the financial services industry (46%).\n\nOf course, there are a few things to keep in mind as you start to implement AI in any of your practices.\n\nAI isn’t perfect. It still requires testing, guardrails, and human oversight. So, while it absolutely can facilitate and accelerate some of these critical, time-consuming manual tasks, it can’t do this work alone. Especially regarding security, you should implement other tools to keep your code as secure as possible. We recommend creating a [dynamic software bill of materials](https://about.gitlab.com/blog/the-ultimate-guide-to-sboms/) (also called an SBOM) to give you full visibility into the license and security risks associated with your software, including any legacy code you may have.\n\n## Bring your codebase into the future\n\nWhile the jump from legacy codebase maintenance to modernization might feel daunting, it is the best path forward if you want to keep your organization and user data secure. With the right tools and methods, it may be more efficient for your teams and cost-effective for your company.\n\nThe good news is that your teams don’t need to spend time and resources deciphering old languages and working with old frameworks - causing frustration, delays, and bottlenecks. By letting AI do the hard work of refactoring your code so that it’s safe, secure, and functioning as it should, developers can focus on what they do best: building new products and features and driving value for customers.",[26,29,32,35,38],{"header":27,"content":28},"What are the challenges of maintaining legacy code without AI?","Challenges include:\n - __Lack of modern security support__: Traditional security scanners may not be compatible with legacy code\n - __Complex and outdated frameworks__: Developers may lack the expertise to maintain or update the old code\n - __High maintenance costs__: Maintaining legacy systems is costly and time-consuming, diverting resources from innovation\n - __Security risks__: Outdated code is more prone to vulnerabilities and attacks, increasing the risk of data breaches",{"header":30,"content":31},"How does GitLab support AI-powered refactoring and legacy code modernization?","GitLab uses GitLab Duo to help developers understand legacy code by providing explanations and generating new code. It also offers:\n - AI-driven security scans for detecting vulnerabilities in legacy code\n - Automated testing and remediation to enhance code security\n - Dynamic Software Bills of Materials (SBOMs) for visibility into license and security risks, including legacy components",{"header":33,"content":34},"Why is legacy code considered a security risk?","Legacy code is risky because it often uses outdated frameworks or programming languages that lack modern security measures. This makes it incompatible with the latest security tools, increasing the risk of vulnerabilities. Additionally, unsupported or end-of-life software can be easily exploited by attackers, compromising data integrity and security.",{"header":36,"content":37},"How can AI-powered code refactoring enhance legacy code security?","AI-powered code refactoring modernizes legacy systems by:\n - Identifying outdated or insecure code patterns and suggesting secure alternatives\n - Automating code improvements without altering external behavior, enhancing readability and maintainability\n - Generating security tests and analyzing root causes of vulnerabilities, enabling faster remediation\nThis approach reduces manual effort and accelerates the transition to more secure, efficient, and scalable codebases.",{"header":39,"content":40},"What are the benefits of using AI for legacy code refactoring?","Benefits include:\n - __Enhanced security__: AI identifies and mitigates vulnerabilities, improving security posture\n - __Increased productivity__: Automating repetitive tasks allows developers to focus on innovation\n - __Cost efficiency__: Reduced maintenance costs by modernizing code to work with current frameworks and tools\n - __Scalable modernization__: AI enables scalable and consistent refactoring across complex codebases, future-proofing the organization’s software assets","article","why-legacy-code-is-a-security-risk-and-how-ai-can-help","content:en-us:the-source:security:why-legacy-code-is-a-security-risk-and-how-ai-can-help.yml","yaml","Why Legacy Code Is A Security Risk And How Ai Can Help","content","en-us/the-source/security/why-legacy-code-is-a-security-risk-and-how-ai-can-help.yml","en-us/the-source/security/why-legacy-code-is-a-security-risk-and-how-ai-can-help","yml",{"_path":51,"_dir":52,"_draft":6,"_partial":6,"_locale":7,"data":53,"_id":389,"_type":44,"title":390,"_source":46,"_file":391,"_stem":392,"_extension":49},"/shared/en-us/main-footer","en-us",{"text":54,"source":55,"edit":61,"contribute":66,"config":71,"items":76,"minimal":381},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":56,"config":57},"View page source",{"href":58,"dataGaName":59,"dataGaLocation":60},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":62,"config":63},"Edit this page",{"href":64,"dataGaName":65,"dataGaLocation":60},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":67,"config":68},"Please contribute",{"href":69,"dataGaName":70,"dataGaLocation":60},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":72,"facebook":73,"youtube":74,"linkedin":75},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[77,135,192,251,319],{"title":78,"links":79,"subMenu":95},"Pricing",[80,85,90],{"text":81,"config":82},"View plans",{"href":83,"dataGaName":84,"dataGaLocation":60},"/pricing/","view plans",{"text":86,"config":87},"Why Premium?",{"href":88,"dataGaName":89,"dataGaLocation":60},"/pricing/premium/","why premium",{"text":91,"config":92},"Why Ultimate?",{"href":93,"dataGaName":94,"dataGaLocation":60},"/pricing/ultimate/","why ultimate",[96],{"title":97,"links":98},"Contact Us",[99,104,109,114,119,124,129],{"text":100,"config":101},"Contact sales",{"href":102,"dataGaName":103,"dataGaLocation":60},"/sales/","sales",{"text":105,"config":106},"Support portal",{"href":107,"dataGaName":108,"dataGaLocation":60},"https://support.gitlab.com","support portal",{"text":110,"config":111},"Customer portal",{"href":112,"dataGaName":113,"dataGaLocation":60},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"text":115,"config":116},"Status",{"href":117,"dataGaName":118,"dataGaLocation":60},"https://status.gitlab.com/","status",{"text":120,"config":121},"Terms of use",{"href":122,"dataGaName":123,"dataGaLocation":60},"/terms/","terms of use",{"text":125,"config":126},"Privacy statement",{"href":127,"dataGaName":128,"dataGaLocation":60},"/privacy/","privacy statement",{"text":130,"config":131},"Cookie preferences",{"dataGaName":132,"dataGaLocation":60,"id":133,"isOneTrustButton":134},"cookie preferences","ot-sdk-btn",true,{"title":136,"links":137,"subMenu":148},"Product",[138,143],{"text":139,"config":140},"DevSecOps platform",{"href":141,"dataGaName":142,"dataGaLocation":60},"/platform/","devsecops platform",{"text":144,"config":145},"AI-Assisted Development",{"href":146,"dataGaName":147,"dataGaLocation":60},"/gitlab-duo/","ai-assisted development",[149],{"title":150,"links":151},"Topics",[152,157,162,167,172,177,182,187],{"text":153,"config":154},"CICD",{"href":155,"dataGaName":156,"dataGaLocation":60},"/topics/ci-cd/","cicd",{"text":158,"config":159},"GitOps",{"href":160,"dataGaName":161,"dataGaLocation":60},"/topics/gitops/","gitops",{"text":163,"config":164},"DevOps",{"href":165,"dataGaName":166,"dataGaLocation":60},"/topics/devops/","devops",{"text":168,"config":169},"Version Control",{"href":170,"dataGaName":171,"dataGaLocation":60},"/topics/version-control/","version control",{"text":173,"config":174},"DevSecOps",{"href":175,"dataGaName":176,"dataGaLocation":60},"/topics/devsecops/","devsecops",{"text":178,"config":179},"Cloud Native",{"href":180,"dataGaName":181,"dataGaLocation":60},"/topics/cloud-native/","cloud native",{"text":183,"config":184},"AI for Coding",{"href":185,"dataGaName":186,"dataGaLocation":60},"/topics/devops/ai-for-coding/","ai for coding",{"text":188,"config":189},"Agentic AI",{"href":190,"dataGaName":191,"dataGaLocation":60},"/topics/agentic-ai/","agentic ai",{"title":193,"links":194},"Solutions",[195,199,204,209,214,218,223,226,231,236,241,246],{"text":196,"config":197},"Application Security Testing",{"href":198,"dataGaName":196,"dataGaLocation":60},"/solutions/application-security-testing/",{"text":200,"config":201},"Automated software delivery",{"href":202,"dataGaName":203,"dataGaLocation":60},"/solutions/delivery-automation/","automated software delivery",{"text":205,"config":206},"Agile development",{"href":207,"dataGaName":208,"dataGaLocation":60},"/solutions/agile-delivery/","agile delivery",{"text":210,"config":211},"SCM",{"href":212,"dataGaName":213,"dataGaLocation":60},"/solutions/source-code-management/","source code management",{"text":153,"config":215},{"href":216,"dataGaName":217,"dataGaLocation":60},"/solutions/continuous-integration/","continuous integration & delivery",{"text":219,"config":220},"Value stream management",{"href":221,"dataGaName":222,"dataGaLocation":60},"/solutions/value-stream-management/","value stream management",{"text":158,"config":224},{"href":225,"dataGaName":161,"dataGaLocation":60},"/solutions/gitops/",{"text":227,"config":228},"Enterprise",{"href":229,"dataGaName":230,"dataGaLocation":60},"/enterprise/","enterprise",{"text":232,"config":233},"Small business",{"href":234,"dataGaName":235,"dataGaLocation":60},"/small-business/","small business",{"text":237,"config":238},"Public sector",{"href":239,"dataGaName":240,"dataGaLocation":60},"/solutions/public-sector/","public sector",{"text":242,"config":243},"Education",{"href":244,"dataGaName":245,"dataGaLocation":60},"/solutions/education/","education",{"text":247,"config":248},"Financial services",{"href":249,"dataGaName":250,"dataGaLocation":60},"/solutions/finance/","financial services",{"title":252,"links":253},"Resources",[254,259,264,269,274,279,284,289,294,299,304,309,314],{"text":255,"config":256},"Install",{"href":257,"dataGaName":258,"dataGaLocation":60},"/install/","install",{"text":260,"config":261},"Quick start guides",{"href":262,"dataGaName":263,"dataGaLocation":60},"/get-started/","quick setup checklists",{"text":265,"config":266},"Learn",{"href":267,"dataGaName":268,"dataGaLocation":60},"https://university.gitlab.com/","learn",{"text":270,"config":271},"Product documentation",{"href":272,"dataGaName":273,"dataGaLocation":60},"https://docs.gitlab.com/","docs",{"text":275,"config":276},"Blog",{"href":277,"dataGaName":278,"dataGaLocation":60},"/blog/","blog",{"text":280,"config":281},"Customer success stories",{"href":282,"dataGaName":283,"dataGaLocation":60},"/customers/","customer success stories",{"text":285,"config":286},"Remote",{"href":287,"dataGaName":288,"dataGaLocation":60},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":290,"config":291},"GitLab Services",{"href":292,"dataGaName":293,"dataGaLocation":60},"/services/","services",{"text":295,"config":296},"TeamOps",{"href":297,"dataGaName":298,"dataGaLocation":60},"/teamops/","teamops",{"text":300,"config":301},"Community",{"href":302,"dataGaName":303,"dataGaLocation":60},"/community/","community",{"text":305,"config":306},"Forum",{"href":307,"dataGaName":308,"dataGaLocation":60},"https://forum.gitlab.com/","forum",{"text":310,"config":311},"Events",{"href":312,"dataGaName":313,"dataGaLocation":60},"/events/","events",{"text":315,"config":316},"Partners",{"href":317,"dataGaName":318,"dataGaLocation":60},"/partners/","partners",{"title":320,"links":321},"Company",[322,327,332,337,342,347,352,356,361,366,371,376],{"text":323,"config":324},"About",{"href":325,"dataGaName":326,"dataGaLocation":60},"/company/","company",{"text":328,"config":329},"Jobs",{"href":330,"dataGaName":331,"dataGaLocation":60},"/jobs/","jobs",{"text":333,"config":334},"Leadership",{"href":335,"dataGaName":336,"dataGaLocation":60},"/company/team/e-group/","leadership",{"text":338,"config":339},"Team",{"href":340,"dataGaName":341,"dataGaLocation":60},"/company/team/","team",{"text":343,"config":344},"Handbook",{"href":345,"dataGaName":346,"dataGaLocation":60},"https://handbook.gitlab.com/","handbook",{"text":348,"config":349},"Investor relations",{"href":350,"dataGaName":351,"dataGaLocation":60},"https://ir.gitlab.com/","investor relations",{"text":353,"config":354},"Sustainability",{"href":355,"dataGaName":353,"dataGaLocation":60},"/sustainability/",{"text":357,"config":358},"Diversity, inclusion and belonging (DIB)",{"href":359,"dataGaName":360,"dataGaLocation":60},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":362,"config":363},"Trust Center",{"href":364,"dataGaName":365,"dataGaLocation":60},"/security/","trust center",{"text":367,"config":368},"Newsletter",{"href":369,"dataGaName":370,"dataGaLocation":60},"/company/contact/","newsletter",{"text":372,"config":373},"Press",{"href":374,"dataGaName":375,"dataGaLocation":60},"/press/","press",{"text":377,"config":378},"Modern Slavery Transparency Statement",{"href":379,"dataGaName":380,"dataGaLocation":60},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":382},[383,385,387],{"text":120,"config":384},{"href":122,"dataGaName":123,"dataGaLocation":60},{"text":125,"config":386},{"href":127,"dataGaName":128,"dataGaLocation":60},{"text":130,"config":388},{"dataGaName":132,"dataGaLocation":60,"id":133,"isOneTrustButton":134},"content:shared:en-us:main-footer.yml","Main Footer","shared/en-us/main-footer.yml","shared/en-us/main-footer",{"_path":394,"_dir":395,"_draft":6,"_partial":6,"_locale":7,"visibility":134,"id":396,"title":397,"button":398,"_id":402,"_type":44,"_source":46,"_file":403,"_stem":404,"_extension":49},"/shared/en-us/the-source/banner/the-economics-of-software-innovation-2025-08-18","banner","The Economics of Software Innovation","The Economics of Software Innovation—AI’s $750 Billion Opportunity",{"config":399,"text":401},{"href":400},"/software-innovation-report/","Get the research report","content:shared:en-us:the-source:banner:the-economics-of-software-innovation-2025-08-18.yml","shared/en-us/the-source/banner/the-economics-of-software-innovation-2025-08-18.yml","shared/en-us/the-source/banner/the-economics-of-software-innovation-2025-08-18",{"_path":406,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"logo":407,"subscribeLink":412,"navItems":416,"_id":429,"_type":44,"title":430,"_source":46,"_file":431,"_stem":432,"_extension":49},"/shared/en-us/the-source/navigation",{"altText":408,"config":409},"the source logo",{"src":410,"href":411},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750191004/t7wz1klfb2kxkezksv9t.svg","/the-source/",{"text":413,"config":414},"Subscribe",{"href":415},"#subscribe",[417,421,425],{"text":418,"config":419},"Artificial Intelligence",{"href":420},"/the-source/ai/",{"text":422,"config":423},"Security & Compliance",{"href":424},"/the-source/security/",{"text":426,"config":427},"Platform & Infrastructure",{"href":428},"/the-source/platform/","content:shared:en-us:the-source:navigation.yml","Navigation","shared/en-us/the-source/navigation.yml","shared/en-us/the-source/navigation",{"categoryNames":434},{"ai":418,"platform":426,"security":422},{"_path":436,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"title":437,"description":438,"submitMessage":439,"formData":440,"_id":443,"_type":44,"_source":46,"_file":444,"_stem":445,"_extension":49},"/shared/en-us/the-source/newsletter","The Source Newsletter","Stay updated with insights for the future of software development.","You have successfully signed up for The Source’s newsletter.",{"config":441},{"formId":442,"formName":370,"hideRequiredLabel":134},1077,"content:shared:en-us:the-source:newsletter.yml","shared/en-us/the-source/newsletter.yml","shared/en-us/the-source/newsletter",{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"config":447,"seo":448,"content":449,"type":41,"slug":42,"category":5,"_id":43,"_type":44,"title":45,"_source":46,"_file":47,"_stem":48,"_extension":49},{"layout":9,"template":10,"author":11,"featured":6,"sourceCTA":12},{"title":14,"description":15,"ogImage":16},{"title":14,"date":18,"description":15,"timeToRead":19,"heroImage":16,"keyTakeaways":450,"articleBody":24,"faq":451},[21,22,23],[452,453,454,455,456],{"header":27,"content":28},{"header":30,"content":31},{"header":33,"content":34},{"header":36,"content":37},{"header":39,"content":40},{"_path":458,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"type":459,"config":460,"seo":461,"content":464,"slug":5,"_id":478,"_type":44,"title":7,"_source":46,"_file":479,"_stem":480,"_extension":49},"/en-us/the-source/security","category",{"layout":9},{"title":422,"description":462,"ogImage":463},"Get up to speed on how organizations can ensure they're staying on top of evolving security threats and compliance requirements.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463273/aplkxrvwpii26xao5yhi.png",[465,470],{"componentName":466,"type":466,"componentContent":467},"TheSourceCategoryHero",{"title":422,"description":462,"image":468},{"config":469},{"src":463},{"componentName":471,"type":471,"componentContent":472},"TheSourceCategoryMainSection",{"config":473},{"sourceCTAs":474},[475,476,477],"source-lp-guide-to-dynamic-sboms","source-lp-devsecops-the-key-to-modern-security-resilience","application-security-in-the-digital-age","content:en-us:the-source:security:index.yml","en-us/the-source/security/index.yml","en-us/the-source/security/index",{"_path":482,"_dir":483,"_draft":6,"_partial":6,"_locale":7,"config":484,"title":485,"description":486,"link":487,"_id":493,"_type":44,"_source":46,"_file":494,"_stem":495,"_extension":49},"/shared/en-us/the-source/source-lp-ctas/source-lp-how-a-devsecops-platform-drives-business-success-the-complete-guide","source-lp-ctas",{"slug":12},"How a DevSecOps platform drives business success: The complete guide","DevSecOps gives software development teams, and the whole organization, a security focus that saves companies money and time, while better securing the business, its customers, and its brand. Read our ebook to learn how DevSecOps protects the entire business, saves time and reduces costs, and secures the entire software supply chain.",{"text":488,"config":489},"Read the ebook",{"href":490,"dataGaName":491,"dataGaLocation":492},"/the-source/platform/how-a-devsecops-platform-drives-business-success/","Driving Business Success with DevSecOps","thesource","content:shared:en-us:the-source:source-lp-ctas:source-lp-how-a-devsecops-platform-drives-business-success-the-complete-guide.yml","shared/en-us/the-source/source-lp-ctas/source-lp-how-a-devsecops-platform-drives-business-success-the-complete-guide.yml","shared/en-us/the-source/source-lp-ctas/source-lp-how-a-devsecops-platform-drives-business-success-the-complete-guide",{"_path":458,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"type":459,"config":497,"seo":498,"content":499,"slug":5,"_id":478,"_type":44,"title":7,"_source":46,"_file":479,"_stem":480,"_extension":49},{"layout":9},{"title":422,"description":462,"ogImage":463},[500,504],{"componentName":466,"type":466,"componentContent":501},{"title":422,"description":462,"image":502},{"config":503},{"src":463},{"componentName":471,"type":471,"componentContent":505},{"config":506},{"sourceCTAs":507},[475,476,477],[509,522,535],{"_path":510,"_dir":483,"_draft":6,"_partial":6,"_locale":7,"config":511,"title":512,"description":513,"link":514,"_id":519,"_type":44,"_source":46,"_file":520,"_stem":521,"_extension":49},"/shared/en-us/the-source/source-lp-ctas/application-security-in-the-digital-age",{"slug":477},"Application security in the digital age","Read our survey findings from more than 5,000 DevSecOps professionals worldwide for insights on how organizations are grappling with increasing attack surfaces and changing attitudes towards security and AI.",{"text":515,"config":516},"Read the report",{"href":517,"dataGaName":518,"dataGaLocation":492},"/developer-survey/2024/security-compliance/","Application Security in the Digital Age","content:shared:en-us:the-source:source-lp-ctas:application-security-in-the-digital-age.yml","shared/en-us/the-source/source-lp-ctas/application-security-in-the-digital-age.yml","shared/en-us/the-source/source-lp-ctas/application-security-in-the-digital-age",{"_path":523,"_dir":483,"_draft":6,"_partial":6,"_locale":7,"config":524,"title":525,"description":526,"link":527,"_id":532,"_type":44,"_source":46,"_file":533,"_stem":534,"_extension":49},"/shared/en-us/the-source/source-lp-ctas/source-lp-devsecops-the-key-to-modern-security-resilience",{"slug":476},"DevSecOps: The key to modern security resilience","Learn how embedding security in development can slash incident response time by 720x and save millions in security costs annually.",{"text":528,"config":529},"Download the guide",{"href":530,"dataGaName":531,"dataGaLocation":492},"/the-source/security/devsecops-the-key-to-modern-security-resilience/","DevSecOps the key to modern security resilience","content:shared:en-us:the-source:source-lp-ctas:source-lp-devsecops-the-key-to-modern-security-resilience.yml","shared/en-us/the-source/source-lp-ctas/source-lp-devsecops-the-key-to-modern-security-resilience.yml","shared/en-us/the-source/source-lp-ctas/source-lp-devsecops-the-key-to-modern-security-resilience",{"_path":536,"_dir":483,"_draft":6,"_partial":6,"_locale":7,"config":537,"title":538,"description":539,"link":540,"_id":545,"_type":44,"_source":46,"_file":546,"_stem":547,"_extension":49},"/shared/en-us/the-source/source-lp-ctas/source-lp-guide-to-dynamic-sboms",{"slug":475},"Guide to dynamic SBOMs: An integral element of modern software development","Learn how to gain visibility into previously unidentified organizational risks with a software bill of materials (SBOM).",{"text":541,"config":542},"Read the guide",{"href":543,"dataGaName":544,"dataGaLocation":492},"/the-source/security/guide-to-dynamic-sboms/","Guide to Dynamic SBOMs","content:shared:en-us:the-source:source-lp-ctas:source-lp-guide-to-dynamic-sboms.yml","shared/en-us/the-source/source-lp-ctas/source-lp-guide-to-dynamic-sboms.yml","shared/en-us/the-source/source-lp-ctas/source-lp-guide-to-dynamic-sboms",[549,574,590,608,624,644,665,687,703,722,744,762,783,799,818,835,853,873,891,909,929,948,968,989,1005,1021,1041,1059,1077,1094,1115,1133,1152,1168,1189],{"_path":550,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":552,"seo":553,"content":555,"type":569,"slug":570,"_id":571,"_type":44,"title":554,"_source":46,"_file":572,"_stem":573,"_extension":49},"/en-us/the-source/authors/amanda-rueda","authors",{"layout":9},{"title":554},"Amanda Rueda",[556,567],{"type":557,"componentName":557,"componentContent":558},"TheSourceAuthorHero",{"config":559,"name":554,"role":562,"bio":563,"headshot":564},{"gitlabHandle":560,"linkedInProfileUrl":561},"amandarueda","https://www.linkedin.com/in/amandamrueda/","Senior Product Manager","Amanda Rueda is a Senior Product Manager at GitLab, specializing in strategic product vision, agile planning, and leveraging AI to enhance workflows and user experiences. Amanda is a thought leader in agile planning and product management workflows, and enjoys building GitLab features that drive team collaboration, transparent project management, and high-performing teams.",{"altText":554,"config":565},{"src":566},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463383/osecw1pzbxvb7fhqhiky.png",{"componentName":568,"type":568},"TheSourceArticlesList","author","amanda-rueda","content:en-us:the-source:authors:amanda-rueda.yml","en-us/the-source/authors/amanda-rueda.yml","en-us/the-source/authors/amanda-rueda",{"_path":575,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":576,"seo":577,"content":579,"type":569,"slug":586,"_id":587,"_type":44,"title":578,"_source":46,"_file":588,"_stem":589,"_extension":49},"/en-us/the-source/authors/andre-michael-braun",{"layout":9},{"title":578},"Andre Michael Braun",[580,585],{"type":557,"componentName":557,"componentContent":581},{"name":578,"headshot":582},{"altText":578,"config":583},{"src":584},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463336/yl27k7wdlnkzsizwknn1.jpg",{"componentName":568,"type":568},"andre-michael-braun","content:en-us:the-source:authors:andre-michael-braun.yml","en-us/the-source/authors/andre-michael-braun.yml","en-us/the-source/authors/andre-michael-braun",{"_path":591,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":592,"seo":593,"content":595,"type":569,"slug":604,"_id":605,"_type":44,"title":594,"_source":46,"_file":606,"_stem":607,"_extension":49},"/en-us/the-source/authors/andrew-haschka",{"layout":9},{"title":594},"Andrew Haschka",[596,603],{"type":557,"componentName":557,"componentContent":597},{"name":594,"role":598,"bio":599,"headshot":600},"Field CTO, Asia Pacific & Japan","Andrew Haschka is the CTO for Asia Pacific & Japan at GitLab, acting as the trusted advisor to GitLab partners and customers. Andrew takes a consultative approach to address common and unique business requirements. He provides subject matter expertise and industry experience throughout the customer’s modernisation journey, working with product management and engineering teams to evolve product features to meet market demand.",{"altText":594,"config":601},{"src":602},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463349/z1qnc4uxmqgg3hnm3da4.png",{"componentName":568,"type":568},"andrew-haschka","content:en-us:the-source:authors:andrew-haschka.yml","en-us/the-source/authors/andrew-haschka.yml","en-us/the-source/authors/andrew-haschka",{"_path":609,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":610,"seo":611,"content":613,"type":569,"slug":620,"_id":621,"_type":44,"title":612,"_source":46,"_file":622,"_stem":623,"_extension":49},"/en-us/the-source/authors/ayoub-fandi",{"layout":9},{"title":612},"Ayoub Fandi",[614,619],{"componentName":557,"type":557,"componentContent":615},{"name":612,"headshot":616},{"altText":612,"config":617},{"src":618},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463329/wyp554loeyoibx3ozren.jpg",{"componentName":568,"type":568},"ayoub-fandi","content:en-us:the-source:authors:ayoub-fandi.yml","en-us/the-source/authors/ayoub-fandi.yml","en-us/the-source/authors/ayoub-fandi",{"_path":625,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":626,"seo":627,"content":629,"type":569,"slug":640,"_id":641,"_type":44,"title":628,"_source":46,"_file":642,"_stem":643,"_extension":49},"/en-us/the-source/authors/bob-stevens",{"layout":9},{"title":628},"Bob Stevens",[630,639],{"componentName":557,"type":557,"componentContent":631},{"config":632,"name":628,"role":635,"headshot":636},{"gitlabHandle":633,"linkedInProfileUrl":634},"bstevens1","https://www.linkedin.com/in/bob-stevens-1237564/","Public Sector Area Vice President, GitLab",{"altText":628,"config":637},{"src":638},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1752687939/mv3lhtimdzr8jmfqmbk1.jpg",{"componentName":568,"type":568},"bob-stevens","content:en-us:the-source:authors:bob-stevens.yml","en-us/the-source/authors/bob-stevens.yml","en-us/the-source/authors/bob-stevens",{"_path":645,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":646,"seo":647,"content":649,"type":569,"slug":661,"_id":662,"_type":44,"title":648,"_source":46,"_file":663,"_stem":664,"_extension":49},"/en-us/the-source/authors/brian-wald",{"layout":9},{"title":648},"Brian Wald",[650,660],{"componentName":557,"type":557,"componentContent":651},{"config":652,"name":648,"role":655,"bio":656,"headshot":657},{"gitlabHandle":653,"linkedInProfileUrl":654},"brianwald","https://www.linkedin.com/in/brianwald/","Head of Global Field CTO org","Brian Wald is Head of Global Field CTO org at GitLab. He leads a dynamic team of Field CTOs dedicated to transforming enterprise software development practices.",{"altText":648,"config":658},{"src":659},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463417/fugpbux9miqbdx3wewtu.jpg",{"componentName":568,"type":568},"brian-wald","content:en-us:the-source:authors:brian-wald.yml","en-us/the-source/authors/brian-wald.yml","en-us/the-source/authors/brian-wald",{"_path":666,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":667,"seo":668,"content":670,"type":569,"slug":683,"_id":684,"_type":44,"title":669,"_source":46,"_file":685,"_stem":686,"_extension":49},"/en-us/the-source/authors/bryan-ross",{"layout":9},{"title":669},"Bryan Ross",[671,682],{"componentName":557,"type":557,"componentContent":672},{"config":673,"name":669,"role":677,"bio":678,"headshot":679},{"gitlabHandle":674,"twitterXProfileUrl":675,"linkedInProfileUrl":676},"bryanrossuk","https://twitter.com/bryanrossuk","https://www.linkedin.com/in/bryanross","Field CTO","With over 15 years of industry experience as a senior IT leader, Bryan helps customers realize business value from IT faster. Equally comfortable speaking with executives and engineers alike, he bridges the gap between technical and business stakeholders through compelling storytelling and real-world examples. With a knack for delivering authentic, impactful messages, he enjoys helping others at the intersection of technology, people and process.",{"altText":669,"config":680},{"src":681},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463324/mvdyvskii4hltdrgqxom.jpg",{"componentName":568,"type":568},"bryan-ross","content:en-us:the-source:authors:bryan-ross.yml","en-us/the-source/authors/bryan-ross.yml","en-us/the-source/authors/bryan-ross",{"_path":688,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":689,"seo":690,"content":692,"type":569,"slug":699,"_id":700,"_type":44,"title":691,"_source":46,"_file":701,"_stem":702,"_extension":49},"/en-us/the-source/authors/chandler-gibbons",{"layout":9},{"title":691},"Chandler Gibbons",[693,698],{"componentName":557,"type":557,"componentContent":694},{"name":691,"headshot":695},{"altText":691,"config":696},{"src":697},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463362/o7g9fqtqtjvegfwniuxh.jpg",{"componentName":568,"type":568},"chandler-gibbons","content:en-us:the-source:authors:chandler-gibbons.yml","en-us/the-source/authors/chandler-gibbons.yml","en-us/the-source/authors/chandler-gibbons",{"_path":704,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":705,"seo":706,"content":708,"type":569,"slug":718,"_id":719,"_type":44,"title":707,"_source":46,"_file":720,"_stem":721,"_extension":49},"/en-us/the-source/authors/dave-steer",{"layout":9},{"title":707},"Dave Steer",[709,717],{"componentName":557,"type":557,"componentContent":710},{"config":711,"name":707,"role":713,"headshot":714},{"gitlabHandle":712},"dsteer","Vice President, Product Marketing",{"altText":707,"config":715},{"src":716},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463457/zbtapdkglu3yb9suaq7w.png",{"componentName":568,"type":568},"dave-steer","content:en-us:the-source:authors:dave-steer.yml","en-us/the-source/authors/dave-steer.yml","en-us/the-source/authors/dave-steer",{"_path":723,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":724,"seo":725,"content":727,"type":569,"slug":739,"_id":740,"_type":44,"title":741,"_source":46,"_file":742,"_stem":743,"_extension":49},"/en-us/the-source/authors/ddesanto",{"layout":9},{"title":726},"David DeSanto",[728,738],{"componentName":557,"type":557,"componentContent":729},{"config":730,"name":726,"role":733,"bio":734,"headshot":735},{"gitlabHandle":731,"linkedInProfileUrl":732},"david","https://www.linkedin.com/in/ddesanto/","Chief Product Officer","David DeSanto is the Chief Product Officer at GitLab Inc., where he leads GitLab’s product division to define and execute GitLab's product vision and roadmap. David is responsible for ensuring the company builds, ships, and supports the platform that reinforces GitLab's leadership in the DevSecOps platform market.",{"altText":726,"config":736},{"src":737},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463446/bgnljs84zcsxj0t6nvix.png",{"componentName":568,"type":568},"ddesanto","content:en-us:the-source:authors:ddesanto.yml","Ddesanto","en-us/the-source/authors/ddesanto.yml","en-us/the-source/authors/ddesanto",{"_path":745,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":746,"seo":747,"content":749,"type":569,"slug":757,"_id":758,"_type":44,"title":759,"_source":46,"_file":760,"_stem":761,"_extension":49},"/en-us/the-source/authors/derek-debellis",{"layout":9},{"title":748},"Derek DeBellis",[750,756],{"componentName":557,"type":557,"componentContent":751},{"name":748,"role":752,"headshot":753},"Lead Researcher, Google's DORA team ",{"altText":748,"config":754},{"src":755},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463385/sbnjwfaguszi5g2smzr7.png",{"componentName":568,"type":568},"derek-debellis","content:en-us:the-source:authors:derek-debellis.yml","Derek Debellis","en-us/the-source/authors/derek-debellis.yml","en-us/the-source/authors/derek-debellis",{"_path":763,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":764,"seo":765,"content":767,"type":569,"slug":779,"_id":780,"_type":44,"title":766,"_source":46,"_file":781,"_stem":782,"_extension":49},"/en-us/the-source/authors/emilio-salvador",{"layout":9},{"title":766},"Emilio Salvador",[768,778],{"componentName":557,"type":557,"componentContent":769},{"config":770,"name":766,"role":773,"bio":774,"headshot":775},{"gitlabHandle":771,"linkedInProfileUrl":772},"esalvadorp","https://www.linkedin.com/in/emiliosp/","Vice President, Strategy and Developer Relations, GitLab","Emilio Salvador is vice president of strategy and developer relations at GitLab. A technology executive with more than 20 years of experience, Emilio has held roles at Amazon and Microsoft, and most recently led strategy and operations for the Developer Advocacy and Experience team at Google. He holds an MBA from MIT Sloan School of Management.",{"altText":766,"config":776},{"src":777},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463402/g0snp3uisjm4tj3pkqcw.jpg",{"componentName":568,"type":568},"emilio-salvador","content:en-us:the-source:authors:emilio-salvador.yml","en-us/the-source/authors/emilio-salvador.yml","en-us/the-source/authors/emilio-salvador",{"_path":784,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":785,"seo":786,"content":788,"type":569,"slug":795,"_id":796,"_type":44,"title":787,"_source":46,"_file":797,"_stem":798,"_extension":49},"/en-us/the-source/authors/erika-feldman",{"layout":9},{"title":787},"Erika Feldman",[789,794],{"componentName":557,"type":557,"componentContent":790},{"name":787,"headshot":791},{"altText":787,"config":792},{"src":793},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463354/d9quqvz7d2ayjwif7vdn.png",{"componentName":568,"type":568},"erika-feldman","content:en-us:the-source:authors:erika-feldman.yml","en-us/the-source/authors/erika-feldman.yml","en-us/the-source/authors/erika-feldman",{"_path":800,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":801,"seo":802,"content":804,"type":569,"slug":814,"_id":815,"_type":44,"title":803,"_source":46,"_file":816,"_stem":817,"_extension":49},"/en-us/the-source/authors/george-kichukov",{"layout":9},{"title":803},"George Kichukov",[805,813],{"componentName":557,"type":557,"componentContent":806},{"config":807,"name":803,"role":677,"bio":809,"headshot":810},{"gitlabHandle":808},"gkichukov","George Kichukov brings over two decades of expertise in software development, enterprise architecture, and technology leadership to his role as Financial Services Field CTO for GitLab. His career began in the startup ecosystem, where he spent five years developing name-matching technologies deployed across government, defense, and financial services. George transitioned into solution architecture, where he guided financial institutions in modernizing their application development practices. Prior to GitLab, George spent 12 years at a large financial services organization leading developer services, application security programs and DevOps infrastructure automation platforms. In his current role at GitLab, George partners with financial services organizations, helping them achieve their strategic objectives in DevOps, DevSecOps, Developer Experience, SDLC compliance, and using AI across software development.",{"altText":803,"config":811},{"src":812},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463366/dk2knfancgsxocjkmyoa.jpg",{"componentName":568,"type":568},"george-kichukov","content:en-us:the-source:authors:george-kichukov.yml","en-us/the-source/authors/george-kichukov.yml","en-us/the-source/authors/george-kichukov",{"_path":819,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":820,"seo":821,"content":823,"type":569,"slug":830,"_id":831,"_type":44,"title":832,"_source":46,"_file":833,"_stem":834,"_extension":49},"/en-us/the-source/authors/gitlab",{"layout":9},{"title":822},"GitLab",[824,829],{"componentName":557,"type":557,"componentContent":825},{"name":822,"headshot":826},{"altText":822,"config":827},{"src":828},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463461/ts7io0hgpdyqylbzfire.png",{"componentName":568,"type":568},"gitlab","content:en-us:the-source:authors:gitlab.yml","Gitlab","en-us/the-source/authors/gitlab.yml","en-us/the-source/authors/gitlab",{"_path":836,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":837,"seo":838,"content":840,"type":569,"slug":849,"_id":850,"_type":44,"title":839,"_source":46,"_file":851,"_stem":852,"_extension":49},"/en-us/the-source/authors/grant-hickman",{"layout":9},{"title":839},"Grant Hickman",[841,848],{"componentName":557,"type":557,"componentContent":842},{"config":843,"name":839,"headshot":845},{"gitlabHandle":844},"g.hickman",{"altText":839,"config":846},{"src":847},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463463/f3uqwtugqotyhwutz5gu.png",{"componentName":568,"type":568},"grant-hickman","content:en-us:the-source:authors:grant-hickman.yml","en-us/the-source/authors/grant-hickman.yml","en-us/the-source/authors/grant-hickman",{"_path":854,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":855,"seo":856,"content":858,"type":569,"slug":869,"_id":870,"_type":44,"title":857,"_source":46,"_file":871,"_stem":872,"_extension":49},"/en-us/the-source/authors/haim-snir",{"layout":9},{"title":857},"Haim Snir",[859,868],{"componentName":557,"type":557,"componentContent":860},{"config":861,"name":857,"role":864,"headshot":865},{"gitlabHandle":862,"linkedInProfileUrl":863},"hsnir1","https://www.linkedin.com/in/haimsnir/","Senior Product Manager, Dev & Analytics, GitLab",{"altText":857,"config":866},{"src":867},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463395/nubmshvaq8wpomopllni.png",{"componentName":568,"type":568},"haim-snir","content:en-us:the-source:authors:haim-snir.yml","en-us/the-source/authors/haim-snir.yml","en-us/the-source/authors/haim-snir",{"_path":874,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":875,"seo":876,"content":878,"type":569,"slug":882,"_id":887,"_type":44,"title":888,"_source":46,"_file":889,"_stem":890,"_extension":49},"/en-us/the-source/authors/iganbaruch",{"layout":9},{"title":877},"Itzik Gan Baruch",[879,886],{"componentName":557,"type":557,"componentContent":880},{"config":881,"name":877,"headshot":883},{"gitlabHandle":882},"iganbaruch",{"altText":877,"config":884},{"src":885},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463443/vibb2fkc0ojni2d1eqde.png",{"componentName":568,"type":568},"content:en-us:the-source:authors:iganbaruch.yml","Iganbaruch","en-us/the-source/authors/iganbaruch.yml","en-us/the-source/authors/iganbaruch",{"_path":892,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"type":569,"slug":893,"config":894,"seo":895,"content":898,"_id":906,"_type":44,"title":897,"_source":46,"_file":907,"_stem":908,"_extension":49},"/en-us/the-source/authors/jason-morgan","jason-morgan",{"layout":9},{"config":896,"title":897},{"noIndex":6},"Jason Morgan",[899,905],{"type":557,"componentName":557,"componentContent":900},{"name":897,"role":901,"headshot":902},"Staff Solutions Architect",{"altText":897,"config":903},{"src":904},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758808571/n1inburdbemlmpcg9atj.jpg",{"type":568,"componentName":568},"content:en-us:the-source:authors:jason-morgan.yml","en-us/the-source/authors/jason-morgan.yml","en-us/the-source/authors/jason-morgan",{"_path":910,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"type":569,"slug":911,"config":912,"seo":913,"content":916,"_id":926,"_type":44,"title":915,"_source":46,"_file":927,"_stem":928,"_extension":49},"/en-us/the-source/authors/jessie-young","jessie-young",{"layout":9},{"config":914,"title":915},{"noIndex":6},"Jessie Young",[917,925],{"type":557,"componentName":557,"componentContent":918},{"name":915,"role":919,"headshot":920,"config":923},"Principal Engineer, AI Engineering, GitLab",{"altText":915,"config":921},{"src":922},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1760537925/E03N1RJJX7C-U03NFV6N2PN-4d786e81137a-512_m62zso.png",{"gitlabHandle":924},"jessieay",{"type":568,"componentName":568},"content:en-us:the-source:authors:jessie-young.yml","en-us/the-source/authors/jessie-young.yml","en-us/the-source/authors/jessie-young",{"_path":930,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":931,"seo":932,"content":934,"type":569,"slug":943,"_id":944,"_type":44,"title":945,"_source":46,"_file":946,"_stem":947,"_extension":49},"/en-us/the-source/authors/jlongo",{"layout":9},{"title":933},"Joseph Longo",[935,942],{"componentName":557,"type":557,"componentContent":936},{"config":937,"name":933,"headshot":939},{"gitlabHandle":938},"jlongo_gitlab",{"altText":933,"config":940},{"src":941},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463434/uoxaknpmoposbbgzqji8.png",{"componentName":568,"type":568},"jlongo","content:en-us:the-source:authors:jlongo.yml","Jlongo","en-us/the-source/authors/jlongo.yml","en-us/the-source/authors/jlongo",{"_path":949,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":950,"seo":951,"content":953,"type":569,"slug":11,"_id":965,"_type":44,"title":952,"_source":46,"_file":966,"_stem":967,"_extension":49},"/en-us/the-source/authors/joel-krooswyk",{"layout":9},{"title":952},"Joel Krooswyk",[954,964],{"componentName":557,"type":557,"componentContent":955},{"config":956,"name":952,"role":959,"bio":960,"headshot":961},{"gitlabHandle":957,"linkedInProfileUrl":958},"jkrooswyk","https://www.linkedin.com/in/joelrkrooswyk/","Federal CTO","Joel Krooswyk is the Federal CTO at GitLab. Joel has actively been involved in GitLab’s growth since 2017. His 25 years of leadership experience span not only the U.S. Public Sector, but also small, mid-market, and enterprise businesses globally. Joel combines deep government policy expertise with a wealth of experience in technology, software development, AI, and cybersecurity. He is frequently called upon by industry and agencies alike for policy commentary and response.",{"altText":952,"config":962},{"src":963},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463423/mkmdhuxsjggfvokdmdv7.jpg",{"componentName":568,"type":568},"content:en-us:the-source:authors:joel-krooswyk.yml","en-us/the-source/authors/joel-krooswyk.yml","en-us/the-source/authors/joel-krooswyk",{"_path":969,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":970,"seo":971,"content":973,"type":569,"slug":985,"_id":986,"_type":44,"title":972,"_source":46,"_file":987,"_stem":988,"_extension":49},"/en-us/the-source/authors/josh-lemos",{"layout":9},{"title":972},"Josh Lemos",[974,984],{"componentName":557,"type":557,"componentContent":975},{"config":976,"name":972,"role":979,"bio":980,"headshot":981},{"gitlabHandle":977,"linkedInProfileUrl":978},"joshlemos","https://www.linkedin.com/in/joshlemos/","Chief Information Security Officer","Josh Lemos is the Chief Information Security Officer at GitLab Inc., where he brings 20 years of experience leading information security teams to his role. He is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected, fortifying the Gitlab DevSecOps platform and ensuring the highest level of security for customers.",{"altText":972,"config":982},{"src":983},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463405/f4rqtiecakrekvxfhqar.jpg",{"componentName":568,"type":568},"josh-lemos","content:en-us:the-source:authors:josh-lemos.yml","en-us/the-source/authors/josh-lemos.yml","en-us/the-source/authors/josh-lemos",{"_path":990,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":991,"seo":992,"content":994,"type":569,"slug":1001,"_id":1002,"_type":44,"title":993,"_source":46,"_file":1003,"_stem":1004,"_extension":49},"/en-us/the-source/authors/julie-griffin",{"layout":9},{"title":993},"Julie Griffin",[995,1000],{"componentName":557,"type":557,"componentContent":996},{"name":993,"headshot":997},{"altText":993,"config":998},{"src":999},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463371/hqkbr3uk8hw2de7tltn4.webp",{"componentName":568,"type":568},"julie-griffin","content:en-us:the-source:authors:julie-griffin.yml","en-us/the-source/authors/julie-griffin.yml","en-us/the-source/authors/julie-griffin",{"_path":1006,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1007,"seo":1008,"content":1010,"type":569,"slug":1017,"_id":1018,"_type":44,"title":1009,"_source":46,"_file":1019,"_stem":1020,"_extension":49},"/en-us/the-source/authors/kristina-weis",{"layout":9},{"title":1009},"Kristina Weis",[1011,1016],{"componentName":557,"type":557,"componentContent":1012},{"name":1009,"headshot":1013},{"altText":1009,"config":1014},{"src":1015},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463469/eoolq6n6bs0zb8gmf0js.webp",{"componentName":568,"type":568},"kristina-weis","content:en-us:the-source:authors:kristina-weis.yml","en-us/the-source/authors/kristina-weis.yml","en-us/the-source/authors/kristina-weis",{"_path":1022,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1023,"seo":1024,"content":1026,"type":569,"slug":1037,"_id":1038,"_type":44,"title":1025,"_source":46,"_file":1039,"_stem":1040,"_extension":49},"/en-us/the-source/authors/lee-faus",{"layout":9},{"title":1025},"Lee Faus",[1027,1036],{"componentName":557,"type":557,"componentContent":1028},{"config":1029,"name":1025,"role":1031,"bio":1032,"headshot":1033},{"gitlabHandle":1030},"lfaus","Global Field CTO","Lee Faus is a Global Field CTO at GitLab. Lee has been a software architect, teacher, professor, and educator for over 25 years. He leverages his experience as an educator to bring complex technology concepts into a business forum where executives gain valuable advice to positively impact their business.",{"altText":1025,"config":1034},{"src":1035},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463398/vivhlomglvnstamj54bo.jpg",{"componentName":568,"type":568},"lee-faus","content:en-us:the-source:authors:lee-faus.yml","en-us/the-source/authors/lee-faus.yml","en-us/the-source/authors/lee-faus",{"_path":1042,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"type":569,"slug":1043,"config":1044,"seo":1045,"content":1048,"_id":1056,"_type":44,"title":1047,"_source":46,"_file":1057,"_stem":1058,"_extension":49},"/en-us/the-source/authors/nathen-harvey","nathen-harvey",{"layout":9},{"config":1046,"title":1047},{"noIndex":6},"Nathen Harvey",[1049,1055],{"type":557,"componentName":557,"componentContent":1050},{"name":1047,"role":1051,"headshot":1052},"DORA Lead, Google Cloud",{"altText":1047,"config":1053},{"src":1054},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1760537671/ls7apap7dorwaguxs4hh.webp",{"type":568,"componentName":568},"content:en-us:the-source:authors:nathen-harvey.yml","en-us/the-source/authors/nathen-harvey.yml","en-us/the-source/authors/nathen-harvey",{"_path":1060,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1061,"seo":1062,"content":1064,"type":569,"slug":1068,"_id":1073,"_type":44,"title":1074,"_source":46,"_file":1075,"_stem":1076,"_extension":49},"/en-us/the-source/authors/ncregan",{"layout":9},{"title":1063},"Niall Cregan",[1065,1072],{"componentName":557,"type":557,"componentContent":1066},{"config":1067,"name":1063,"headshot":1069},{"gitlabHandle":1068},"ncregan",{"altText":1063,"config":1070},{"src":1071},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463431/yrtwodocb4cu3j7lkhyo.png",{"componentName":568,"type":568},"content:en-us:the-source:authors:ncregan.yml","Ncregan","en-us/the-source/authors/ncregan.yml","en-us/the-source/authors/ncregan",{"_path":1078,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"type":569,"slug":1079,"config":1080,"seo":1081,"content":1084,"_id":1091,"_type":44,"title":1083,"_source":46,"_file":1092,"_stem":1093,"_extension":49},"/en-us/the-source/authors/rob-smith","rob-smith",{"layout":9},{"config":1082,"title":1083},{"noIndex":6},"Rob Smith",[1085,1090],{"type":557,"componentName":557,"componentContent":1086},{"name":1083,"role":635,"headshot":1087},{"altText":1083,"config":1088},{"src":1089},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1760625579/ndksqvsfysea4cnltb1r.jpg",{"type":568,"componentName":568},"content:en-us:the-source:authors:rob-smith.yml","en-us/the-source/authors/rob-smith.yml","en-us/the-source/authors/rob-smith",{"_path":1095,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1096,"seo":1097,"content":1099,"type":569,"slug":1110,"_id":1111,"_type":44,"title":1112,"_source":46,"_file":1113,"_stem":1114,"_extension":49},"/en-us/the-source/authors/rschulman",{"layout":9},{"title":1098},"Robin Schulman",[1100,1109],{"componentName":557,"type":557,"componentContent":1101},{"config":1102,"name":1098,"role":1104,"bio":1105,"headshot":1106},{"gitlabHandle":1103},"robin","Chief Legal Officer","Robin Schulman is the Chief Legal Officer, Head of Corporate Affairs, and Corporate Secretary of GitLab Inc., the DevSecOps platform.",{"altText":1098,"config":1107},{"src":1108},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463437/u2xfbudw1f8hhnkrgaoy.webp",{"componentName":568,"type":568},"rschulman","content:en-us:the-source:authors:rschulman.yml","Rschulman","en-us/the-source/authors/rschulman.yml","en-us/the-source/authors/rschulman",{"_path":1116,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1117,"seo":1118,"content":1120,"type":569,"slug":1129,"_id":1130,"_type":44,"title":1119,"_source":46,"_file":1131,"_stem":1132,"_extension":49},"/en-us/the-source/authors/sabrina-farmer",{"layout":9},{"title":1119},"Sabrina Farmer",[1121,1128],{"componentName":557,"type":557,"componentContent":1122},{"name":1119,"role":1123,"bio":1124,"headshot":1125},"Chief Technology Officer","Sabrina Farmer is the Chief Technology Officer at GitLab, where she leads software engineering, operations, and customer support teams to execute the company's technical vision and strategy and oversee the development and delivery of GitLab's products and services.\n\nPrior to GitLab, Sabrina spent nearly two decades at Google, where she most recently served as vice president of engineering, core infrastructure. During her tenure with Google, she was directly responsible for the reliability, performance, and efficiency of all of Google's billion-user products and infrastructure.\n\nA long-time advocate for women in technology, Farmer earned a B.S. in Computer Science at the University of New Orleans, where she established two scholarships to help level the playing field for inclusion and empowerment in technology.",{"altText":1119,"config":1126},{"src":1127},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463377/udmzbjjr5xrcrffdlphx.webp",{"componentName":568,"type":568},"sabrina-farmer","content:en-us:the-source:authors:sabrina-farmer.yml","en-us/the-source/authors/sabrina-farmer.yml","en-us/the-source/authors/sabrina-farmer",{"_path":1134,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1135,"seo":1136,"content":1138,"type":569,"slug":1148,"_id":1149,"_type":44,"title":1137,"_source":46,"_file":1150,"_stem":1151,"_extension":49},"/en-us/the-source/authors/sandra-gittlen",{"layout":9},{"title":1137},"Sandra Gittlen",[1139,1147],{"componentName":557,"type":557,"componentContent":1140},{"config":1141,"name":1137,"role":1143,"headshot":1144},{"gitlabHandle":1142},"sgittlen","Managing Editor, Blog",{"altText":1137,"config":1145},{"src":1146},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463466/r7ckb9h2zr4c2rsz3zlm.png",{"componentName":568,"type":568},"sandra-gittlen","content:en-us:the-source:authors:sandra-gittlen.yml","en-us/the-source/authors/sandra-gittlen.yml","en-us/the-source/authors/sandra-gittlen",{"_path":1153,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1154,"seo":1155,"content":1157,"type":569,"slug":1164,"_id":1165,"_type":44,"title":1156,"_source":46,"_file":1166,"_stem":1167,"_extension":49},"/en-us/the-source/authors/sharon-gaudin",{"layout":9},{"title":1156},"Sharon Gaudin",[1158,1163],{"componentName":557,"type":557,"componentContent":1159},{"name":1156,"headshot":1160},{"altText":1156,"config":1161},{"src":1162},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463475/h6j4nnvykzyfzgvl7txb.webp",{"componentName":568,"type":568},"sharon-gaudin","content:en-us:the-source:authors:sharon-gaudin.yml","en-us/the-source/authors/sharon-gaudin.yml","en-us/the-source/authors/sharon-gaudin",{"_path":1169,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1170,"seo":1171,"content":1173,"type":569,"slug":1185,"_id":1186,"_type":44,"title":1172,"_source":46,"_file":1187,"_stem":1188,"_extension":49},"/en-us/the-source/authors/stephen-walters",{"layout":9},{"title":1172},"Stephen Walters",[1174,1184],{"componentName":557,"type":557,"componentContent":1175},{"config":1176,"name":1172,"role":1179,"bio":1180,"headshot":1181},{"gitlabHandle":1177,"linkedInProfileUrl":1178},"swalters1","https://www.linkedin.com/in/1stephenwalters/","Field CTO, GitLab","Stephen Walters is Field CTO for GitLab. Stephen has been in the IT industry for over 30 years. He is an extensively experienced subject matter expert in Value Stream Management, DevSecOps, DevOps, ALM, SDLC and IT4IT, with management and consultancy experience across end-to-end IT disciplines. Currently also operating as an Ambassador for the DevOps Institute and an Influencer in the Value Stream Management Consortium, he is interested in all things DevOps. Stephen is a co-author of the Value Stream Reference Architectures white paper and is currently pursuing further research into Value Stream Management, Organizational Architecture and AI.",{"altText":1172,"config":1182},{"src":1183},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463392/g6ktk5qb4vcqc9wqjlf9.jpg",{"componentName":568,"type":568},"stephen-walters","content:en-us:the-source:authors:stephen-walters.yml","en-us/the-source/authors/stephen-walters.yml","en-us/the-source/authors/stephen-walters",{"_path":1190,"_dir":551,"_draft":6,"_partial":6,"_locale":7,"config":1191,"seo":1192,"content":1194,"type":569,"slug":1206,"_id":1207,"_type":44,"title":1208,"_source":46,"_file":1209,"_stem":1210,"_extension":49},"/en-us/the-source/authors/taylor-mccaslin",{"layout":9},{"title":1193},"Taylor McCaslin",[1195,1205],{"componentName":557,"type":557,"componentContent":1196},{"config":1197,"name":1193,"role":1200,"bio":1201,"headshot":1202},{"gitlabHandle":1198,"linkedInProfileUrl":1199},"tmccaslin","https://www.linkedin.com/in/taylormccaslin/","Group Manager, Product - Data Science","Taylor McCaslin is the Product Lead for AI/ML at GitLab, where he is responsible for leading the team of product managers who manage the AI Powered and ModelOps stage groups and sets the vision and direction for how to empower GitLab users to leverage data science as part of their DevOps program. Prior to joining GitLab, he held positions at Indeed, Duo Security, and WP Engine.",{"altText":1193,"config":1203},{"src":1204},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463427/trfasilaeasosxfcxmsm.jpg",{"componentName":568,"type":568},"taylor-mccaslin","content:en-us:the-source:authors:taylor-mccaslin.yml","Taylor Mccaslin","en-us/the-source/authors/taylor-mccaslin.yml","en-us/the-source/authors/taylor-mccaslin",1761814450644]