BlogSecurity

Browse articles from Security

Last year we signed the Secure by Design pledge - here's our progress

Learn about GitLab's CISA-aligned additions and improvements around MFA, default password reduction, patching, and vulnerability disclosure.
Author: Joseph LongoRead Post

Recent posts

Security

Introducing compromised password detection for GitLab.com

GitLab is adding compromised password detection on June 19, 2025. After that date, users logging in with known compromised passwords will be warned. Here is what you need to know.

Security

Tutorial: Secure and optimize your Maven Repository in GitLab

Learn the best practices, advanced techniques, and upcoming features that improve the efficiency of your DevSecOps workflow.

Security

Our step-by-step guide to evaluating runtime security tools

Key learnings from the GitLab Security team’s runtime security tool evaluation on Kubernetes clusters and Linux servers using real-world attack simulations.

Security

How to use GitLab's Custom Compliance Frameworks in your DevSecOps environment

Explore how new frameworks, along with more than 50 out-of-the-box controls, transform regulatory requirements from burdensome checkboxes to integrated, automated workflow components.

Security

Introducing Custom Compliance Frameworks in GitLab

Reduce manual tracking, accelerate audit readiness, and enforce controls faster natively within GitLab DevSecOps workflows.

Security

Enhance application security with GitLab + HackerOne

Learn about the GitLab + HackerOne partnership and how to easily implement an integration that improves your organization’s application security posture.

Security

Secure and safe login and commits with GitLab + Yubico

Learn how GitLab and Yubico have partnered to strengthen software development security through robust authentication measures.

Security

Strengthen data security with custom PII detection rulesets

This tutorial explains how GitLab's customizable Secret Detection rulesets enhance data security by identifying PII patterns in code repositories. Learn how AI can help.

Security

Self-service security alert handling with GitLab's UAM

The User Attestation Module automates security alerts by routing them directly to team members for verification, reducing manual SecOps work and enhancing audit trails.

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert