urlscan.io logo urlscan.io
SecurityTrails logo

about.gitlab.com Open in urlscan Pro
2a04:4e42::561  Public Scan

Back to summary
Submitted URL: https://fineshift.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTEyNTkyMjQzNzEzMjQ4MSwiSW52aXRhdGlvbklkIjoxMTM0NDE2MjE1MTk5Nzk2fQ
Effective URL: https://about.gitlab.com/solutions/dev-sec-ops/
Submission: On October 12 via api from SG — Scanned from DE

Form analysis 1 forms found in the DOM

<form>
  <input class="st-default-search-input st-search-set-focus" type="text" value="" placeholder="Search this site" aria-label="Search this site" id="st-overlay-search-input" autocomplete="off" autocorrect="off" autocapitalize="off">
</form>

Text Content

Support
 * Contact support

 * Get help

 * Set up support services

 * Contact Sales

 * Register

Login
GitLab home page
 * Why GitLab

 * Platform

 * Solutions

 * Pricing

 * Partners

 * Resources

 * Support

Talk to an expert Get free trial
GitLab home page
Talk to an expert Get free trial
Get free trial
GitLab home page

×


DEVSECOPS WITH GITLAB

Integrating security into your DevOps lifecycle is easy with GitLab. Security
and compliance are built-in, out of the box, giving you the visibility and
control necessary to protect the integrity of your software.

Start your free trial

Learn about pricing





THE DEVOPS PLATFORM THAT SIMPLIFIES DEVSECOPS

GitLab is known for industry-leading Source Code Management (SCM) and Continuous
Integration (CI). Developers want to use GitLab. We make it easy for them to
develop more secure and compliant software. The GitLab DevOps platform shifts
both security and compliance earlier in the development process with consistent
pipelines that automate scanning and policies. Uniting developers and security
pros within one platform streamlines vulnerability management for both and
improves collaboration.

 * Application security testing and remediation. With every code commit, GitLab
   provides actionable vulnerability findings to developers while helping
   security pros manage remaining vulnerabilities through resolution.

 * Cloud Native Application Protection. GitLab helps you monitor and protect
   your deployed containerized applications.

 * Policy Compliance and Auditability. GitLab’s MR approvals, end-to-end
   transparency of who changed what, when, and where, along with a compliance
   dashboard and common controls help you meet your compliance needs.

 * SDLC Platform Security. See how we secure the GitLab software.



--------------------------------------------------------------------------------


THE GITLAB DIFFERENCE

Simplicity

One platform, one price, with comprehensive application security.

 * Application Security Testing
 * Vulnerability Management
 * Scan Deployed Images

Control

Compliance framework for consistency, common controls, policy automation.

 * Common compliance controls
 * Security Policy Configuration
 * Compliant pipelines

Visibility

See who changed what, where, when, end-to-end.

 * Audit Events
 * Audit Reports
 * Dependency List (BOM)


DEVSECOPS SIMPLIFIED

Continuous security testing capabilities



--------------------------------------------------------------------------------


CAPABILITIES INCLUDED WITHIN THE GITLAB ULTIMATE TIER




COMPREHENSIVE APPLICATION SECURITY SCANNING FOR DEVELOPERS

Shift security left to empower developers to find and fix security flaws as they
are created.

 * Automatically include application security testing in your CI pipelines - one
   tool, one cost, one user interface, one source of truth to unite dev and sec.

 * Provide actionable scan results to the developer to assess and resolve
   potential vulnerabilities at code commit, before code is merged - even for
   DAST.

 * Auto Remediation automatically creates a patch to resolve some
   vulnerabilities.

 * Scanners include SAST , DAST, Dependency scanning, License Compliance,
   Container scanning, Cluster Image Scanning, web API testing,
   Infrastructure-as-code (IaC) testing, Secret Detection



--------------------------------------------------------------------------------


VULNERABILITY MANAGEMENT FOR SECURITY PROS

Assess and triage vulnerabilities that remain after code changes are merged.

 * Security pros can manage vulnerabilities across projects and groups to
   evaluate and triage vulnerabilities.

 * Dynamically test running web applications on demand for known runtime
   vulnerabilities.

 * Show all dependencies used in a project via a Dependency List (also called a
   Bill of Materials).

 * Export findings, import findings from their party scanners and bug bounties.
   Filter by scanner vendor



--------------------------------------------------------------------------------


SECURITY AND COMPLIANCE GOVERNANCE

Automate security and compliance policies across your software development
lifecycle.

 * Compliant pipelines for consistent use of security policies. Security
   configuration via check-boxes and granular controls - no need to code
   pipelines.

 * Security dashboards at the project, group, and instance level, along with a
   personalized view of specific projects.

 * Policy management for MR approvals, separation of duties and other common
   controls, including a Compliance Report.



--------------------------------------------------------------------------------


CLOUD NATIVE SECURITY

 * Container scanning, cluster image scanning, Infrastructure-as-code (IaC)
   scanning , web API fuzzing. All scan results are provided to the developer
   within their CI pipeline alongside more traditional scan results - no
   do-it-yourself integration is required.



--------------------------------------------------------------------------------


ADDITIONAL CAPABILITIES WITHIN GITLAB ULTIMATE


 * Fuzz Testing - Fuzz testing acquisitions have been integrated alongside other
   scanners in the merge request pipeline. Apply this powerful technology to
   automatically test for unknown security flaws with coverage-guided fuzzing
   and API fuzzing
 * Offline Environments - self-managed customers can run most of the GitLab
   security scanners when not connected to the internet
 * Mobile app testing - Test mobile applications within your CI pipeline
   including Kotlin, Swift, Objective-C, and Java.



--------------------------------------------------------------------------------


CAPABILITIES INCLUDED WITHIN ALL GITLAB TIERS




BASIC APPLICATION SECURITY

 * SAST and Secret Detection are automatically includeed in your CI pipelines -
   with no integration required.

 * Provide basic scan results to the developer at code commit, before code is
   merged. Results may be downloaded for analysis. Note that use of interactive
   findings in the Vulnerability Report requires the GitLab Ultimate tier.



--------------------------------------------------------------------------------


WHY INTEGRATION MATTERS FOR DEVSECOPS


 * Every piece of code is tested upon commit for security threats, without
   incremental cost.
 * The developer can remediate now, while they are still working in that code,
   or create an issue with one click.
 * The security pro can see and manage unresolved vulnerabilities captured as a
   by-product of software development.
 * Single source of truth can focus collaboration on remediation, eliminating
   translation and finger pointing.
 * A single tool reduces cost to buy, integrate and maintain point solutions
   throughout the DevOps pipeline.



--------------------------------------------------------------------------------


MEETING YOUR BUSINESS OBJECTIVES



We welcome your feedback and contribution to our vision and roadmap



Shift security and compliance left

Empower developers to find and fix flaws.

 * Keep it simple. No need to integrate and maintain disparate tools. One tool,
   one price
 * Findings from all scanners within the developer's pipeline.

Consistently compliant pipelines

Easily ensure pipelines consistently meet policy requirements

 * Choose your compliance framework and automatically apply it to every
   pipeline.
 * Security configuration for security pros (without coding yml)

Software Supply Chain Security

Protect your applications and their surrounding infrastructure.

 * Manage security policies across the software development lifecyle.
 * Auditability and traceability to see who changed what, where, from planning
   through production.


RESOURCES

 * Learn how to add Security to your CICD Pipeline
 * Efficiently manage vulnerabilities and risk using the GitLab Security
   Dashboards
 * Manage your Application Dependencies
 * Use GitLab Application Security Capabilities with Jenkins
 * 451 Research opinion: GitLab broadens view of DevOps
 * See how we compare against other Security tools


TAKE GITLAB FOR A SPIN

See what your team could do with the One DevOps Platform.

Get free trial

Have a question? We're here to help.

Talk to an expert


PLATFORM

 * Why GitLab
 * Pricing
 * The DevOps Lifecycle
 * Features
 * Releases


SOLUTIONS

 * Enterprise
 * Small Business
 * Continuous Integration
 * Public Sector
 * Education


RESOURCES

 * Blog
 * Install
 * Docs
 * Developer Portal
 * Newsletter


SUPPORT

 * Get help
 * Contact Sales
 * Support
 * Status
 * Customers Portal
 * Community Forum


COMPANY

 * About
 * Jobs
 * Leadership
 * Board of Directors
 * Team
 * Press
 * Investor Relations
 * Handbook
 * Terms of Use
 * Privacy Statement
 * Cookie Preferences
 * Shop

Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is
under license

View page source — Edit in Web IDE — please contribute.

© 2022 GitLab B.V.

 * 
 * 
 * 
 * 


THIS WEBSITE USES COOKIES

We use cookies to make our websites and services operate correctly, to
understand how visitors engage with us and to improve our product and marketing
efforts. See our cookie policy for more information.Cookie Policy

Cookies Settings Accept All Cookies



PRIVACY PREFERENCE CENTER




 * YOUR PRIVACY


 * STRICTLY NECESSARY COOKIES


 * FUNCTIONALITY COOKIES


 * PERFORMANCE AND ANALYTICS COOKIES


 * TARGETING AND ADVERTISING COOKIES

YOUR PRIVACY

When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
Cookie Policy

STRICTLY NECESSARY COOKIES

Always Active

These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, enabling you to securely log into the site, filling in forms, or
using the customer checkout. GitLab processes any personal data collected
through these cookies on the basis of our legitimate interest.

Cookies Details‎

FUNCTIONALITY COOKIES

Functionality Cookies


These cookies enable helpful but non-essential website functions that improve
your website experience. By recognizing you when you return to our website, they
may, for example, allow us to personalize our content for you or remember your
preferences. If you do not allow these cookies then some or all of these
services may not function properly. GitLab processes any personal data collected
through these cookies on the basis of your consent

Cookies Details‎

PERFORMANCE AND ANALYTICS COOKIES

Performance and Analytics Cookies


These cookies allow us and our third-party service providers to recognize and
count the number of visitors on our websites and to see how visitors move around
our websites when they are using it. This helps us improve our products and
ensures that users can easily find what they need on our websites. These cookies
usually generate aggregate statistics that are not associated with an
individual. To the extent any personal data is collected through these cookies,
GitLab processes that data on the basis of your consent.

Cookies Details‎

TARGETING AND ADVERTISING COOKIES

Targeting and Advertising Cookies


These cookies enable different advertising related functions. They may allow us
to record information about your visit to our websites, such as pages visited,
links followed, and videos viewed so we can make our websites and the
advertising displayed on it more relevant to your interests. They may be set
through our website by our advertising partners. They may be used by those
companies to build a profile of your interests and show you relevant
advertisements on other websites. GitLab processes any personal data collected
through these cookies on the basis of your consent.

Cookies Details‎
Back Button


BACK

Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label

 * View Third Party Cookies
    * Name
      cookie name


Clear
checkbox label label
Apply Cancel
Confirm My Choices
Allow All


Close


suggested results