As usual, we’re creating our own path in how we handle our threat modeling, approaching development both iteratively and collaboratively, and seriously shifting left with our framework and processes.
Get a behind-the-scenes look at how I helped discover the vulnerability that became CVE-2022-41903.
Default settings on products can be massively helpful. However, when it comes to hardening your GitLab instance, we’ve got some helpful configuration recommendations from our security team.
From triage to containers and secrets storage, we took a look at the most vulnerable areas across thousands of hosted projects on GitLab.com. Here's what you need to know.
When tasked to compare security tools, it's critical to understand what's a fair benchmark. We take you step by step through WebGoat's lessons and compare them to SAST and DAST results.
Keep your DAST job within timeout limits and fine-tune job configurations for better results.
Your guide to abusing 'language barriers' between web components.