Recent posts
Security Labs
Git security audit: Inside the hunt for - and discovery of - CVEs
Get a behind-the-scenes look at how I helped discover the vulnerability that became CVE-2022-41903.
Security
Terraform as part of the software supply chain, Part 1 - Modules and Providers
We examine the supply chain aspects of Terraform, starting with a closer look at malicious Terraform modules and providers and how you can better secure them.
Security
A brief look at Gitpod, two bugs, and a quick fix
Our security researcher takes a look at Gitpod and finds some access tokens under the carpet.
Unfiltered
Switching “sides” in security
How does product security work differ from pen testing and hacking all the things?
Security
How to play GitLab's Capture the Flag at home
Our AppSec team built and ran a CTF, and now it's available for you to play at home.
Find out which plan works best for your team
Learn about pricingLearn about what GitLab can do for your team
Talk to an expert