BlogSecurity

Browse articles from Security

A comprehensive guide to GitLab DAST

DevSecOps teams can learn how to implement and configure dynamic application security testing, perform passive/active scans, and set security policies.
Author: Fernando DiazRead Post

Recent posts

Security

A developer's guide to building secure retail apps with GitLab

Learn how a DevSecOps platform helps retailers develop secure, compliant software for complex, high-traffic retail environments.

Security

GitLab uncovers Bittensor theft campaign via PyPI

GitLab's Vulnerability Research team identified a supply chain attack campaign using typosquatted PyPI packages to steal cryptocurrency from Bittensor wallets by hijacking staking operations.

Security

Securing AI together: GitLab’s partnership with security researchers

Learn how GitLab collaborates with security researchers to identify and defend against emerging threats.

Security

How to transform compliance observation management with GitLab

Learn how GitLab's Security Compliance team improved observation management using the DevSecOps platform, enhancing visibility, collaboration, and accountability.

Security

Software supply chain security guide: Why organizations struggle

Part 1 of this new series explores fundamental challenges, practical solutions, and emerging trends, including AI, that every development team needs to understand.

Security

Bridging the visibility gap in software supply chain security

GitLab 18.2 includes support for comprehensive scanner coverage and transitive dependency visualization.

Security

GitLab catches MongoDB Go module supply chain attack

Learn how GitLab detected a supply chain attack targeting Go developers through fake MongoDB drivers that deploy persistent backdoor malware.

Security

Automating role-based access control (RBAC) at scale

This guide details setting up GitLab + Keycloak + OIDC for RBAC, covering planning, Docker configuration, and automated access governance for DevSecOps.

Security

Last year we signed the Secure by Design pledge - here's our progress

Learn about GitLab's CISA-aligned additions and improvements around MFA, default password reduction, patching, and vulnerability disclosure.

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert