[{"data":1,"prerenderedAt":897},["ShallowReactive",2],{"/en-us/topics/devsecops/beginners-guide-to-container-security":3,"navigation-en-us":129,"banner-en-us":558,"footer-en-us":575,"next-steps-en-us":817,"footer-source-/en-us/topics/devsecops/beginners-guide-to-container-security/":832},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"seo":8,"content":11,"_id":123,"_type":124,"title":7,"_source":125,"_file":126,"_stem":127,"_extension":128},"/en-us/topics/devsecops/beginners-guide-to-container-security","devsecops",false,"",{"title":9,"ogTitle":9,"description":10,"ogDescription":10},"A beginner’s guide to container security","DevOps teams utilize containers more than ever today, but securing them is often an afterthought. Here’s what you need to know about container security.",[12,26,32,121],{"type":13,"componentName":13,"componentContent":14},"CommonBreadcrumbs",{"crumbs":15},[16,20,24],{"title":17,"config":18},"Topics",{"href":19},"/topics/",{"title":21,"config":22},"Devsecops",{"href":23},"/topics/devsecops/",{"title":25},"Beginners guide to container security",{"type":27,"componentName":27,"componentContent":28},"CommonArticleHero",{"title":9,"text":29,"config":30},"DevOps teams utilize containers more than ever today, but securing them is often an afterthought. Here’s what you need to know about container security.\n",{"id":31,"twoColumns":6},"a-beginner’s-guide-to-container-security",{"type":33,"componentName":33,"componentContent":34},"CommonSideNavigationWithTree",{"anchors":35,"components":74},{"text":36,"data":37},"On this page",[38,42,46,50,54,58,62,66,70],{"text":39,"config":40},"Container Security",{"href":41},"#container-security",{"text":43,"config":44},"What is container security?",{"href":45},"#what-is-container-security",{"text":47,"config":48},"Why container security is important?",{"href":49},"#why-container-security-is-important",{"text":51,"config":52},"Many layers = many needs",{"href":53},"#many-layers-many-needs",{"text":55,"config":56},"Smart secret storage",{"href":57},"#smart-secret-storage",{"text":59,"config":60},"The importance of container runtime security",{"href":61},"#the-importance-of-container-runtime-security",{"text":63,"config":64},"Cloud native requires greater accountability",{"href":65},"#cloud-native-requires-greater-accountability",{"text":67,"config":68},"The NIST guidelines for container security",{"href":69},"#the-nist-guidelines-for-container-security",{"text":71,"config":72},"Learn more about container security",{"href":73},"#learn-more-about-container-security",[75,81,86,91,96,101,106,111,116],{"type":76,"componentName":76,"componentContent":77},"TopicsCopy",{"header":39,"text":78,"config":79},"Resource-efficient and highly portable containers are increasingly the go-to choice for modern software development. In fact, by 2023 more than 70% of organizations will be running more than two containerized applications, according to market research firm Gartner.\n\nBut containers have their downsides, particularly when it comes to security. GitLab’s [2022 Global DevSecOps Survey](/developer-survey/){data-ga-name=\"developer survey\" data-ga-location=\"body\"} found that only 64% of security professionals had a security plan for containers, and many [DevOps teams](/topics/devops/){data-ga-name=\"devops teams\" data-ga-location=\"body\"} don’t have a plan in place for other cutting-edge software technologies, including cloud native/serverless, APIs, and microservices.\n\nThe solution is for DevOps teams to shift left and integrate security practices into each stage of the software development process. Here’s a step-by-step look at how teams can accomplish that goal.\n",{"id":80},"container-security",{"type":76,"componentName":76,"componentContent":82},{"header":43,"text":83,"config":84},"A container is a lightweight unit that contains all the components you need to run an application, such as the application code, runtime, libraries, and configurations — and container security refers to measures and practices taken with the goal of ensuring the safety and integrity of containers. Container security comprises everything from the applications inside the containers to the infrastructure they run on. Base image security and quality are critical to ensure that any derivative images come from a trusted source. Build security in your container pipeline by gathering trusted images, managing access with the use of a private registry, integrating security testing and automating deployment, and continuously defending your infrastructure. Container hardening is the process of using container scanning tools to detect possible vulnerabilities and addressing them to minimize the risk of attack.\n\nRobust container security reduces the risk of deploying a container that contains a security flaw or malicious code into a production environment.\n",{"id":85},"what-is-container-security",{"type":76,"componentName":76,"componentContent":87},{"header":47,"text":88,"config":89},"Container security differs from traditional security methods due to the increased complexity and dynamism of the container environment. Simply put, there are a lot more moving pieces, and different security risks.\n\nWhile containers seem to behave like small virtual machines (VMs), they actually don’t – and so require a different security strategy. Traffic between apps in a container does not cross perimeter network security, but should be monitored for malicious traffic between apps and their images. Your orchestrator can be used to set security policies for processes and resources, but a complete security strategy requires more.\n",{"id":90},"why-container-security-is-important",{"type":76,"componentName":76,"componentContent":92},{"header":51,"text":93,"config":94},"Container images define what runs in each container. Developers should make sure that images don’t contain any security vulnerabilities or compromised code, and should avoid creating extraneous images to minimize the container’s attack surface. Image validation tooling can be used to forbid untrusted images, but is often not enabled by default. Images can also be scanned after they’re built to detect dependent images that might also have vulnerabilities.\n\nUnlike VMs, multiple containers can run on the same operating system and an attack can happen at either level. A vulnerable host OS puts its containers at risk, and a vulnerable container can open an attack pathway to the host OS. Enforce namespace isolation to limit interaction between container and host OS kernel, and automating patching to align with vendor patch releases. The OS should also be as simple as possible, free from unnecessary components (such as apps or libraries that aren’t actually needed to run your orchestrator).\n\nContainer orchestration coordinates and manages containers, allowing containerized applications to scale and support thousands of users. Your orchestrator may have its own out-of-the-box security features, possibly allowing you to create rules for Kubernetes to automatically enforce across all pods within the cluster. This type of basic feature is useful, but is also only a first step towards a more robust set of policies.\n",{"id":95},"many-layers-many-needs",{"type":76,"componentName":76,"componentContent":97},{"header":55,"text":98,"config":99},"Containers may be spread across multiple systems and cloud providers, making access management all the more important. Secrets, which include API keys, login credentials, and tokens, should be stringently managed to ensure container access is limited to privileged users. User access can also be defined by role-based access control, allowing you to limit access to an as-needed basis.\n",{"id":100},"smart-secret-storage",{"type":76,"componentName":76,"componentContent":102},{"header":59,"text":103,"config":104},"Once deployed, container activity must be monitored and teams need to be able to detect and respond to any security threats. Nordcloud suggests monitoring for suspicious behaviors such as network calls, API calls, and unusual login attempts. Teams should have predefined mitigation steps for pods, and should be able to isolate the container on a different network, restart it, or stop it until the threat is identified. This can provide an additional layer of security against malware.\n",{"id":105},"the-importance-of-container-runtime-security",{"type":76,"componentName":76,"componentContent":107},{"header":63,"text":108,"config":109},"Cloud providers also take on some of the work by securing the underlying hardware and basic networks used to provide cloud services, but users still share that responsibility, as well as assuming responsibility for application access, app configuration and patching, and system patching and access.\n",{"id":110},"cloud-native-requires-greater-accountability",{"type":76,"componentName":76,"componentContent":112},{"header":67,"text":113,"config":114},"In 2017, the U.S. Department of Commerce published its [Application Container Security Guide](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-190.pdf). Although this guide is a few years old, teams just adopting containers can still benefit from the following recommendations:\n\n- **Tailor the organization’s operational culture and technical processes to support the new way of developing, running, and supporting applications made possible by containers:** Adopting containers might be disruptive to your existing culture and development methodologies, and your current practices might not be directly applicable in a containerized environment. Encourage, educate, and train your team to rethink how they code and operate.\n\n- **Use container-specific host OSs instead of general-purpose ones to reduce attack surfaces:** A container-specific host OS is a minimalist OS designed to only run containers. Using these OSs greatly reduces attack surfaces, allowing fewer opportunities for your containers to be compromised.\n\n- **Only group containers with the same purpose, sensitivity, and threat posture on a single host OS kernel to allow for additional in-depth defense:** Segmenting containers provides additional defense in-depth. Grouping containers in this manner makes it more difficult for an attacker to expand potential compromises to other groups. It also increases the likelihood that compromises will be detected and contained.\n\n- **Adopt container-specific vulnerability management tools and processes for images to prevent compromises:** Traditional tools make many assumptions that are misaligned with a containerized model, and are often unable to detect vulnerabilities within containers. Organizations should adopt tools and processes to validate and enforce compliance with secure configuration best practices for images – including centralized reporting, monitoring each image, and preventing non-compliant images from being run.\n\n- **Consider using hardware-based countermeasures to provide a basis for trusted computing:** Extend security practices across all tiers of the container technology by basing security on a hardware root of trust, such as the Trusted Platform Module (TPM).\n\n- **Use container-aware runtime defense tools:** Deploy and use a dedicated container security solution capable of monitoring the container environment and providing precise detection of anomalous and malicious activity within it.\n",{"id":115},"the-nist-guidelines-for-container-security",{"type":76,"componentName":76,"componentContent":117},{"header":71,"text":118,"config":119},"[Learn the lingo](/blog/kubernetes-terminology/){data-ga-name=\"kubernetes terminology\" data-ga-location=\"body\"} and get hands on.\n\nDive into [DevSecOps security basics](/topics/devsecops/){data-ga-name=\"devsecops security\" data-ga-location=\"body\"}.\n\nGet started with [DevSecOps with GitLab](/solutions/application-security-testing/){data-ga-name=\"devsecops with gitlab\" data-ga-location=\"body\"}.\n",{"id":120},"learn-more-about-container-security",{"type":122,"componentName":122},"CommonNextSteps","content:en-us:topics:devsecops:beginners-guide-to-container-security:index.yml","yaml","content","en-us/topics/devsecops/beginners-guide-to-container-security/index.yml","en-us/topics/devsecops/beginners-guide-to-container-security/index","yml",{"_path":130,"_dir":131,"_draft":6,"_partial":6,"_locale":7,"data":132,"_id":554,"_type":124,"title":555,"_source":125,"_file":556,"_stem":557,"_extension":128},"/shared/en-us/main-navigation","en-us",{"logo":133,"freeTrial":138,"sales":143,"login":148,"items":153,"search":485,"minimal":516,"duo":535,"pricingDeployment":544},{"config":134},{"href":135,"dataGaName":136,"dataGaLocation":137},"/","gitlab logo","header",{"text":139,"config":140},"Get free trial",{"href":141,"dataGaName":142,"dataGaLocation":137},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":144,"config":145},"Talk to sales",{"href":146,"dataGaName":147,"dataGaLocation":137},"/sales/","sales",{"text":149,"config":150},"Sign in",{"href":151,"dataGaName":152,"dataGaLocation":137},"https://gitlab.com/users/sign_in/","sign in",[154,198,295,300,406,466],{"text":155,"config":156,"cards":158,"footer":181},"Platform",{"dataNavLevelOne":157},"platform",[159,165,173],{"title":155,"description":160,"link":161},"The most comprehensive AI-powered DevSecOps Platform",{"text":162,"config":163},"Explore our Platform",{"href":164,"dataGaName":157,"dataGaLocation":137},"/platform/",{"title":166,"description":167,"link":168},"GitLab Duo (AI)","Build software faster with AI at every stage of development",{"text":169,"config":170},"Meet GitLab Duo",{"href":171,"dataGaName":172,"dataGaLocation":137},"/gitlab-duo/","gitlab duo ai",{"title":174,"description":175,"link":176},"Why GitLab","10 reasons why Enterprises choose GitLab",{"text":177,"config":178},"Learn more",{"href":179,"dataGaName":180,"dataGaLocation":137},"/why-gitlab/","why gitlab",{"title":182,"items":183},"Get started with",[184,189,194],{"text":185,"config":186},"Platform Engineering",{"href":187,"dataGaName":188,"dataGaLocation":137},"/solutions/platform-engineering/","platform engineering",{"text":190,"config":191},"Developer Experience",{"href":192,"dataGaName":193,"dataGaLocation":137},"/developer-experience/","Developer experience",{"text":195,"config":196},"MLOps",{"href":197,"dataGaName":195,"dataGaLocation":137},"/topics/devops/the-role-of-ai-in-devops/",{"text":199,"left":200,"config":201,"link":203,"lists":207,"footer":277},"Product",true,{"dataNavLevelOne":202},"solutions",{"text":204,"config":205},"View all Solutions",{"href":206,"dataGaName":202,"dataGaLocation":137},"/solutions/",[208,233,256],{"title":209,"description":210,"link":211,"items":216},"Automation","CI/CD and automation to accelerate deployment",{"config":212},{"icon":213,"href":214,"dataGaName":215,"dataGaLocation":137},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[217,221,225,229],{"text":218,"config":219},"CI/CD",{"href":220,"dataGaLocation":137,"dataGaName":218},"/solutions/continuous-integration/",{"text":222,"config":223},"AI-Assisted Development",{"href":171,"dataGaLocation":137,"dataGaName":224},"AI assisted development",{"text":226,"config":227},"Source Code Management",{"href":228,"dataGaLocation":137,"dataGaName":226},"/solutions/source-code-management/",{"text":230,"config":231},"Automated Software Delivery",{"href":214,"dataGaLocation":137,"dataGaName":232},"Automated software delivery",{"title":234,"description":235,"link":236,"items":241},"Security","Deliver code faster without compromising security",{"config":237},{"href":238,"dataGaName":239,"dataGaLocation":137,"icon":240},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[242,246,251],{"text":243,"config":244},"Application Security Testing",{"href":238,"dataGaName":245,"dataGaLocation":137},"Application security testing",{"text":247,"config":248},"Software Supply Chain Security",{"href":249,"dataGaLocation":137,"dataGaName":250},"/solutions/supply-chain/","Software supply chain security",{"text":252,"config":253},"Software Compliance",{"href":254,"dataGaName":255,"dataGaLocation":137},"/solutions/software-compliance/","software compliance",{"title":257,"link":258,"items":263},"Measurement",{"config":259},{"icon":260,"href":261,"dataGaName":262,"dataGaLocation":137},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[264,268,272],{"text":265,"config":266},"Visibility & Measurement",{"href":261,"dataGaLocation":137,"dataGaName":267},"Visibility and Measurement",{"text":269,"config":270},"Value Stream Management",{"href":271,"dataGaLocation":137,"dataGaName":269},"/solutions/value-stream-management/",{"text":273,"config":274},"Analytics & Insights",{"href":275,"dataGaLocation":137,"dataGaName":276},"/solutions/analytics-and-insights/","Analytics and insights",{"title":278,"items":279},"GitLab for",[280,285,290],{"text":281,"config":282},"Enterprise",{"href":283,"dataGaLocation":137,"dataGaName":284},"/enterprise/","enterprise",{"text":286,"config":287},"Small Business",{"href":288,"dataGaLocation":137,"dataGaName":289},"/small-business/","small business",{"text":291,"config":292},"Public Sector",{"href":293,"dataGaLocation":137,"dataGaName":294},"/solutions/public-sector/","public sector",{"text":296,"config":297},"Pricing",{"href":298,"dataGaName":299,"dataGaLocation":137,"dataNavLevelOne":299},"/pricing/","pricing",{"text":301,"config":302,"link":304,"lists":308,"feature":393},"Resources",{"dataNavLevelOne":303},"resources",{"text":305,"config":306},"View all resources",{"href":307,"dataGaName":303,"dataGaLocation":137},"/resources/",[309,342,365],{"title":310,"items":311},"Getting started",[312,317,322,327,332,337],{"text":313,"config":314},"Install",{"href":315,"dataGaName":316,"dataGaLocation":137},"/install/","install",{"text":318,"config":319},"Quick start guides",{"href":320,"dataGaName":321,"dataGaLocation":137},"/get-started/","quick setup checklists",{"text":323,"config":324},"Learn",{"href":325,"dataGaLocation":137,"dataGaName":326},"https://university.gitlab.com/","learn",{"text":328,"config":329},"Product documentation",{"href":330,"dataGaName":331,"dataGaLocation":137},"https://docs.gitlab.com/","product documentation",{"text":333,"config":334},"Best practice videos",{"href":335,"dataGaName":336,"dataGaLocation":137},"/getting-started-videos/","best practice videos",{"text":338,"config":339},"Integrations",{"href":340,"dataGaName":341,"dataGaLocation":137},"/integrations/","integrations",{"title":343,"items":344},"Discover",[345,350,355,360],{"text":346,"config":347},"Customer success stories",{"href":348,"dataGaName":349,"dataGaLocation":137},"/customers/","customer success stories",{"text":351,"config":352},"Blog",{"href":353,"dataGaName":354,"dataGaLocation":137},"/blog/","blog",{"text":356,"config":357},"Remote",{"href":358,"dataGaName":359,"dataGaLocation":137},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":361,"config":362},"TeamOps",{"href":363,"dataGaName":364,"dataGaLocation":137},"/teamops/","teamops",{"title":366,"items":367},"Connect",[368,373,378,383,388],{"text":369,"config":370},"GitLab Services",{"href":371,"dataGaName":372,"dataGaLocation":137},"/services/","services",{"text":374,"config":375},"Community",{"href":376,"dataGaName":377,"dataGaLocation":137},"/community/","community",{"text":379,"config":380},"Forum",{"href":381,"dataGaName":382,"dataGaLocation":137},"https://forum.gitlab.com/","forum",{"text":384,"config":385},"Events",{"href":386,"dataGaName":387,"dataGaLocation":137},"/events/","events",{"text":389,"config":390},"Partners",{"href":391,"dataGaName":392,"dataGaLocation":137},"/partners/","partners",{"backgroundColor":394,"textColor":395,"text":396,"image":397,"link":401},"#2f2a6b","#fff","Insights for the future of software development",{"altText":398,"config":399},"the source promo card",{"src":400},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":402,"config":403},"Read the latest",{"href":404,"dataGaName":405,"dataGaLocation":137},"/the-source/","the source",{"text":407,"config":408,"lists":410},"Company",{"dataNavLevelOne":409},"company",[411],{"items":412},[413,418,424,426,431,436,441,446,451,456,461],{"text":414,"config":415},"About",{"href":416,"dataGaName":417,"dataGaLocation":137},"/company/","about",{"text":419,"config":420,"footerGa":423},"Jobs",{"href":421,"dataGaName":422,"dataGaLocation":137},"/jobs/","jobs",{"dataGaName":422},{"text":384,"config":425},{"href":386,"dataGaName":387,"dataGaLocation":137},{"text":427,"config":428},"Leadership",{"href":429,"dataGaName":430,"dataGaLocation":137},"/company/team/e-group/","leadership",{"text":432,"config":433},"Team",{"href":434,"dataGaName":435,"dataGaLocation":137},"/company/team/","team",{"text":437,"config":438},"Handbook",{"href":439,"dataGaName":440,"dataGaLocation":137},"https://handbook.gitlab.com/","handbook",{"text":442,"config":443},"Investor relations",{"href":444,"dataGaName":445,"dataGaLocation":137},"https://ir.gitlab.com/","investor relations",{"text":447,"config":448},"Trust Center",{"href":449,"dataGaName":450,"dataGaLocation":137},"/security/","trust center",{"text":452,"config":453},"AI Transparency Center",{"href":454,"dataGaName":455,"dataGaLocation":137},"/ai-transparency-center/","ai transparency center",{"text":457,"config":458},"Newsletter",{"href":459,"dataGaName":460,"dataGaLocation":137},"/company/contact/","newsletter",{"text":462,"config":463},"Press",{"href":464,"dataGaName":465,"dataGaLocation":137},"/press/","press",{"text":467,"config":468,"lists":469},"Contact us",{"dataNavLevelOne":409},[470],{"items":471},[472,475,480],{"text":144,"config":473},{"href":146,"dataGaName":474,"dataGaLocation":137},"talk to sales",{"text":476,"config":477},"Support portal",{"href":478,"dataGaName":479,"dataGaLocation":137},"https://support.gitlab.com","support portal",{"text":481,"config":482},"Customer portal",{"href":483,"dataGaName":484,"dataGaLocation":137},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":486,"login":487,"suggestions":494},"Close",{"text":488,"link":489},"To search repositories and projects, login to",{"text":490,"config":491},"gitlab.com",{"href":151,"dataGaName":492,"dataGaLocation":493},"search login","search",{"text":495,"default":496},"Suggestions",[497,499,503,505,509,513],{"text":166,"config":498},{"href":171,"dataGaName":166,"dataGaLocation":493},{"text":500,"config":501},"Code Suggestions (AI)",{"href":502,"dataGaName":500,"dataGaLocation":493},"/solutions/code-suggestions/",{"text":218,"config":504},{"href":220,"dataGaName":218,"dataGaLocation":493},{"text":506,"config":507},"GitLab on AWS",{"href":508,"dataGaName":506,"dataGaLocation":493},"/partners/technology-partners/aws/",{"text":510,"config":511},"GitLab on Google Cloud",{"href":512,"dataGaName":510,"dataGaLocation":493},"/partners/technology-partners/google-cloud-platform/",{"text":514,"config":515},"Why GitLab?",{"href":179,"dataGaName":514,"dataGaLocation":493},{"freeTrial":517,"mobileIcon":522,"desktopIcon":527,"secondaryButton":530},{"text":518,"config":519},"Start free trial",{"href":520,"dataGaName":142,"dataGaLocation":521},"https://gitlab.com/-/trials/new/","nav",{"altText":523,"config":524},"Gitlab Icon",{"src":525,"dataGaName":526,"dataGaLocation":521},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":523,"config":528},{"src":529,"dataGaName":526,"dataGaLocation":521},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":531,"config":532},"Get Started",{"href":533,"dataGaName":534,"dataGaLocation":521},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/compare/gitlab-vs-github/","get started",{"freeTrial":536,"mobileIcon":540,"desktopIcon":542},{"text":537,"config":538},"Learn more about GitLab Duo",{"href":171,"dataGaName":539,"dataGaLocation":521},"gitlab duo",{"altText":523,"config":541},{"src":525,"dataGaName":526,"dataGaLocation":521},{"altText":523,"config":543},{"src":529,"dataGaName":526,"dataGaLocation":521},{"freeTrial":545,"mobileIcon":550,"desktopIcon":552},{"text":546,"config":547},"Back to pricing",{"href":298,"dataGaName":548,"dataGaLocation":521,"icon":549},"back to pricing","GoBack",{"altText":523,"config":551},{"src":525,"dataGaName":526,"dataGaLocation":521},{"altText":523,"config":553},{"src":529,"dataGaName":526,"dataGaLocation":521},"content:shared:en-us:main-navigation.yml","Main Navigation","shared/en-us/main-navigation.yml","shared/en-us/main-navigation",{"_path":559,"_dir":131,"_draft":6,"_partial":6,"_locale":7,"title":560,"button":561,"image":566,"config":570,"_id":572,"_type":124,"_source":125,"_file":573,"_stem":574,"_extension":128},"/shared/en-us/banner","is now in public beta!",{"text":562,"config":563},"Try the Beta",{"href":564,"dataGaName":565,"dataGaLocation":137},"/gitlab-duo/agent-platform/","duo banner",{"altText":567,"config":568},"GitLab Duo Agent Platform",{"src":569},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1753720689/somrf9zaunk0xlt7ne4x.svg",{"layout":571},"release","content:shared:en-us:banner.yml","shared/en-us/banner.yml","shared/en-us/banner",{"_path":576,"_dir":131,"_draft":6,"_partial":6,"_locale":7,"data":577,"_id":813,"_type":124,"title":814,"_source":125,"_file":815,"_stem":816,"_extension":128},"/shared/en-us/main-footer",{"text":578,"source":579,"edit":585,"contribute":590,"config":595,"items":600,"minimal":805},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":580,"config":581},"View page source",{"href":582,"dataGaName":583,"dataGaLocation":584},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":586,"config":587},"Edit this page",{"href":588,"dataGaName":589,"dataGaLocation":584},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":591,"config":592},"Please contribute",{"href":593,"dataGaName":594,"dataGaLocation":584},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":596,"facebook":597,"youtube":598,"linkedin":599},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[601,648,698,742,771],{"title":296,"links":602,"subMenu":617},[603,607,612],{"text":604,"config":605},"View plans",{"href":298,"dataGaName":606,"dataGaLocation":584},"view plans",{"text":608,"config":609},"Why Premium?",{"href":610,"dataGaName":611,"dataGaLocation":584},"/pricing/premium/","why premium",{"text":613,"config":614},"Why Ultimate?",{"href":615,"dataGaName":616,"dataGaLocation":584},"/pricing/ultimate/","why ultimate",[618],{"title":619,"links":620},"Contact Us",[621,624,626,628,633,638,643],{"text":622,"config":623},"Contact sales",{"href":146,"dataGaName":147,"dataGaLocation":584},{"text":476,"config":625},{"href":478,"dataGaName":479,"dataGaLocation":584},{"text":481,"config":627},{"href":483,"dataGaName":484,"dataGaLocation":584},{"text":629,"config":630},"Status",{"href":631,"dataGaName":632,"dataGaLocation":584},"https://status.gitlab.com/","status",{"text":634,"config":635},"Terms of use",{"href":636,"dataGaName":637,"dataGaLocation":584},"/terms/","terms of use",{"text":639,"config":640},"Privacy statement",{"href":641,"dataGaName":642,"dataGaLocation":584},"/privacy/","privacy statement",{"text":644,"config":645},"Cookie preferences",{"dataGaName":646,"dataGaLocation":584,"id":647,"isOneTrustButton":200},"cookie preferences","ot-sdk-btn",{"title":199,"links":649,"subMenu":657},[650,654],{"text":651,"config":652},"DevSecOps platform",{"href":164,"dataGaName":653,"dataGaLocation":584},"devsecops platform",{"text":222,"config":655},{"href":171,"dataGaName":656,"dataGaLocation":584},"ai-assisted development",[658],{"title":17,"links":659},[660,665,670,675,680,683,688,693],{"text":661,"config":662},"CICD",{"href":663,"dataGaName":664,"dataGaLocation":584},"/topics/ci-cd/","cicd",{"text":666,"config":667},"GitOps",{"href":668,"dataGaName":669,"dataGaLocation":584},"/topics/gitops/","gitops",{"text":671,"config":672},"DevOps",{"href":673,"dataGaName":674,"dataGaLocation":584},"/topics/devops/","devops",{"text":676,"config":677},"Version Control",{"href":678,"dataGaName":679,"dataGaLocation":584},"/topics/version-control/","version control",{"text":681,"config":682},"DevSecOps",{"href":23,"dataGaName":5,"dataGaLocation":584},{"text":684,"config":685},"Cloud Native",{"href":686,"dataGaName":687,"dataGaLocation":584},"/topics/cloud-native/","cloud native",{"text":689,"config":690},"AI for Coding",{"href":691,"dataGaName":692,"dataGaLocation":584},"/topics/devops/ai-for-coding/","ai for coding",{"text":694,"config":695},"Agentic AI",{"href":696,"dataGaName":697,"dataGaLocation":584},"/topics/agentic-ai/","agentic ai",{"title":699,"links":700},"Solutions",[701,703,705,710,714,717,721,724,726,729,732,737],{"text":243,"config":702},{"href":238,"dataGaName":243,"dataGaLocation":584},{"text":232,"config":704},{"href":214,"dataGaName":215,"dataGaLocation":584},{"text":706,"config":707},"Agile development",{"href":708,"dataGaName":709,"dataGaLocation":584},"/solutions/agile-delivery/","agile delivery",{"text":711,"config":712},"SCM",{"href":228,"dataGaName":713,"dataGaLocation":584},"source code management",{"text":661,"config":715},{"href":220,"dataGaName":716,"dataGaLocation":584},"continuous integration & delivery",{"text":718,"config":719},"Value stream management",{"href":271,"dataGaName":720,"dataGaLocation":584},"value stream management",{"text":666,"config":722},{"href":723,"dataGaName":669,"dataGaLocation":584},"/solutions/gitops/",{"text":281,"config":725},{"href":283,"dataGaName":284,"dataGaLocation":584},{"text":727,"config":728},"Small business",{"href":288,"dataGaName":289,"dataGaLocation":584},{"text":730,"config":731},"Public sector",{"href":293,"dataGaName":294,"dataGaLocation":584},{"text":733,"config":734},"Education",{"href":735,"dataGaName":736,"dataGaLocation":584},"/solutions/education/","education",{"text":738,"config":739},"Financial services",{"href":740,"dataGaName":741,"dataGaLocation":584},"/solutions/finance/","financial services",{"title":301,"links":743},[744,746,748,750,753,755,757,759,761,763,765,767,769],{"text":313,"config":745},{"href":315,"dataGaName":316,"dataGaLocation":584},{"text":318,"config":747},{"href":320,"dataGaName":321,"dataGaLocation":584},{"text":323,"config":749},{"href":325,"dataGaName":326,"dataGaLocation":584},{"text":328,"config":751},{"href":330,"dataGaName":752,"dataGaLocation":584},"docs",{"text":351,"config":754},{"href":353,"dataGaName":354,"dataGaLocation":584},{"text":346,"config":756},{"href":348,"dataGaName":349,"dataGaLocation":584},{"text":356,"config":758},{"href":358,"dataGaName":359,"dataGaLocation":584},{"text":369,"config":760},{"href":371,"dataGaName":372,"dataGaLocation":584},{"text":361,"config":762},{"href":363,"dataGaName":364,"dataGaLocation":584},{"text":374,"config":764},{"href":376,"dataGaName":377,"dataGaLocation":584},{"text":379,"config":766},{"href":381,"dataGaName":382,"dataGaLocation":584},{"text":384,"config":768},{"href":386,"dataGaName":387,"dataGaLocation":584},{"text":389,"config":770},{"href":391,"dataGaName":392,"dataGaLocation":584},{"title":407,"links":772},[773,775,777,779,781,783,785,789,794,796,798,800],{"text":414,"config":774},{"href":416,"dataGaName":409,"dataGaLocation":584},{"text":419,"config":776},{"href":421,"dataGaName":422,"dataGaLocation":584},{"text":427,"config":778},{"href":429,"dataGaName":430,"dataGaLocation":584},{"text":432,"config":780},{"href":434,"dataGaName":435,"dataGaLocation":584},{"text":437,"config":782},{"href":439,"dataGaName":440,"dataGaLocation":584},{"text":442,"config":784},{"href":444,"dataGaName":445,"dataGaLocation":584},{"text":786,"config":787},"Sustainability",{"href":788,"dataGaName":786,"dataGaLocation":584},"/sustainability/",{"text":790,"config":791},"Diversity, inclusion and belonging (DIB)",{"href":792,"dataGaName":793,"dataGaLocation":584},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":447,"config":795},{"href":449,"dataGaName":450,"dataGaLocation":584},{"text":457,"config":797},{"href":459,"dataGaName":460,"dataGaLocation":584},{"text":462,"config":799},{"href":464,"dataGaName":465,"dataGaLocation":584},{"text":801,"config":802},"Modern Slavery Transparency Statement",{"href":803,"dataGaName":804,"dataGaLocation":584},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":806},[807,809,811],{"text":634,"config":808},{"href":636,"dataGaName":637,"dataGaLocation":584},{"text":639,"config":810},{"href":641,"dataGaName":642,"dataGaLocation":584},{"text":644,"config":812},{"dataGaName":646,"dataGaLocation":584,"id":647,"isOneTrustButton":200},"content:shared:en-us:main-footer.yml","Main Footer","shared/en-us/main-footer.yml","shared/en-us/main-footer",{"_path":818,"_dir":131,"_draft":6,"_partial":6,"_locale":7,"header":819,"eyebrow":820,"blurb":821,"button":822,"secondaryButton":826,"_id":828,"_type":124,"title":829,"_source":125,"_file":830,"_stem":831,"_extension":128},"/shared/en-us/next-steps","Start shipping better software faster","50%+ of the Fortune 100 trust GitLab","See what your team can do with the intelligent\n\n\nDevSecOps platform.\n",{"text":139,"config":823},{"href":824,"dataGaName":142,"dataGaLocation":825},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":144,"config":827},{"href":146,"dataGaName":147,"dataGaLocation":825},"content:shared:en-us:next-steps.yml","Next Steps","shared/en-us/next-steps.yml","shared/en-us/next-steps",{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"seo":833,"content":834,"_id":123,"_type":124,"title":7,"_source":125,"_file":126,"_stem":127,"_extension":128},{"title":9,"ogTitle":9,"description":10,"ogDescription":10},[835,843,846,896],{"type":13,"componentName":13,"componentContent":836},{"crumbs":837},[838,840,842],{"title":17,"config":839},{"href":19},{"title":21,"config":841},{"href":23},{"title":25},{"type":27,"componentName":27,"componentContent":844},{"title":9,"text":29,"config":845},{"id":31,"twoColumns":6},{"type":33,"componentName":33,"componentContent":847},{"anchors":848,"components":868},{"text":36,"data":849},[850,852,854,856,858,860,862,864,866],{"text":39,"config":851},{"href":41},{"text":43,"config":853},{"href":45},{"text":47,"config":855},{"href":49},{"text":51,"config":857},{"href":53},{"text":55,"config":859},{"href":57},{"text":59,"config":861},{"href":61},{"text":63,"config":863},{"href":65},{"text":67,"config":865},{"href":69},{"text":71,"config":867},{"href":73},[869,872,875,878,881,884,887,890,893],{"type":76,"componentName":76,"componentContent":870},{"header":39,"text":78,"config":871},{"id":80},{"type":76,"componentName":76,"componentContent":873},{"header":43,"text":83,"config":874},{"id":85},{"type":76,"componentName":76,"componentContent":876},{"header":47,"text":88,"config":877},{"id":90},{"type":76,"componentName":76,"componentContent":879},{"header":51,"text":93,"config":880},{"id":95},{"type":76,"componentName":76,"componentContent":882},{"header":55,"text":98,"config":883},{"id":100},{"type":76,"componentName":76,"componentContent":885},{"header":59,"text":103,"config":886},{"id":105},{"type":76,"componentName":76,"componentContent":888},{"header":63,"text":108,"config":889},{"id":110},{"type":76,"componentName":76,"componentContent":891},{"header":67,"text":113,"config":892},{"id":115},{"type":76,"componentName":76,"componentContent":894},{"header":71,"text":118,"config":895},{"id":120},{"type":122,"componentName":122},1761814439893]