Home / Companies / GitLab / Blog / Post Details
Content Deep Dive

GitLab Security in 2021: protect, enhance, certify and strengthen

Blog post from GitLab

Post Details
Company
Date Published
Author
Johnathan Hunt
Word Count
2,062
Company Posts That Month
18
Language
English
Hacker News Points
-
Summary

In 2021, GitLab focused on strengthening its security posture amidst the challenges posed by the Log4j vulnerability, expanding its Security department, and enhancing enterprise SaaS security. The company achieved significant milestones, including the expansion of its security certifications portfolio with reports such as SOC 2 Type 2/SOC 3 and ISO/IEC 27001:2013, emphasizing its commitment to information security management. GitLab enhanced its control monitoring capabilities by adopting the Secure Control Framework and implementing automation for compliance and regulatory workflows. The Security Operations team improved incident response through endpoint detection and response platforms, while the Security Engineering sub-department introduced tools like Spamcheck and Package Hunter to bolster product security. The year also saw the establishment of an Infrastructure Security team to address vulnerabilities and enhance security observability. With a robust bug bounty program and a collaborative approach involving various teams and the GitLab community, the company made strides in reducing risk and ensuring the security of its products and services.

Trends Found in this Post

No tracked trend matches for this post yet.