Secure by Design principles meet DevSecOps innovation in GitLab 17

Table of Contents
- Enhance secure coding practices
- Align to the principle of least privilege
- Commitment to Secure by Design principles
1. Enhance secure coding practices
GitLab 17 aligns with Secure by Design principles by enhancing secure coding practices. This includes:
- Streamlined Static Application Security Testing (SAST) analyzer coverage for more languages.
- Improved Vulnerability Report filtering for increased usability at scale.
- Providing vulnerability insights, security training, and vulnerability explanation.
- Introducing GitLab Duo, with AI-powered features for memory-safe code conversions.
2. Align to the principle of least privilege
GitLab 17 aligns with Secure by Design principles by adhering to the principle of least privilege (PoLP). This is achieved through:
- Establishing rules and policies tailored to the organization's unique needs.
- Utilizing granular user roles, permissions, and customizable compliance settings for specific projects, groups, and individuals.
- Aligning product deployment guides with zero trust architecture, such as the CISA Zero Trust Maturity Model.
3. Commitment to Secure by Design principles
- GitLab recently joined technology leaders in signing CISA’s Secure by Design Pledge, demonstrating our commitment to uphold Secure by Design goals.
- With the launch of GitLab 17, GitLab advances its security and compliance solutions, leveraging AI advancements to help clients confidently embrace a Secure by Design methodology.