GitLab CISO on proactive monitoring and metrics for DevSecOps success
In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building systems and integrating …
Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)
If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security …
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise
Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every …
GitLab unveils AI capabilities to help organizations better secure their software
GitLab announced new innovations across the platform to streamline how organizations build, test, secure, and deploy software. Introducing GitLab Duo Enterprise GitLab Duo …
Self-managed GitLab installations should be patched again (CVE-2024-0402)
Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability …
Critical GitLab flaw allows account takeover without user interaction, patch quickly! (CVE-2023-7028)
A critical vulnerability in GitLab CE/EE (CVE-2023-7028) can be easily exploited by attackers to reset GitLab user account passwords. While also vulnerable, users who have …
Balancing AI’s promise with privacy and intellectual property concerns
Organizations increasingly integrate AI technologies into their cybersecurity architectures to enhance detection, response, and mitigation capabilities. One of the key …
GitLab updates Duo to enhance security and efficiency throughout SDLC
GitLab has unveiled updates to GitLab Duo, the company’s suite of AI capabilities, including the beta of GitLab Duo Chat available in the GitLab 16.6 November product release, …
GitLab fixes critical vulnerability, patch now! (CVE-2023-5009)
GitLab has fixed a critical vulnerability (CVE-2023-5009) in the Enterprise Edition (EE) and Community Edition (CE) of its widely used DevOps platform. The flaw may allow a …
Privacy concerns cast a shadow on AI’s potential for software development
Organizations are optimistic about AI, but AI adoption requires attention to privacy and security, productivity, and training, according to GitLab. “The transformational …
oak9 adds GitLab support to alert developers of security gaps
Open-source code repositories have become integral to developers, enabling them to work faster and more flexibly with the added benefit of collaborating with other developers. …
Appdome and GitLab partner to strengthen mobile app defense
Appdome has released a pre-built integration between its platform and GitLab that is part of Appdome’s Dev2Cyber Partner initiative to accelerate delivery of secure …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act