When the Cybersecurity and Infrastructure Security Agency (CISA) first published its Secure by Design software protection initiative on April 13,…
Category: Security
The CIS Benchmarks™ play a critical role in hardening software against evolving cyber threats and ensuring compliance with industry regulations.…
Each day you build software there is another opportunity for security vulnerabilities to creep into production. So it is becoming…
GitLab is aware of CVE-2024-3094, where malicious code was back-doored into the xz-utils lossless compression software suite, affecting xz-utils Versions…
Security releases are an important part of modern software delivery. Historically, GitLab committed to one security release a month, with…
We hear you: Managing cloud accounts is risky, tedious, and time-consuming, but also a must-have in many situations. You might…
The Maven dependency proxy was released in GitLab 16.8. This new feature allows organizations to proxy and cache packages from…
Insecure secret management practices (SMPs) pose a significant risk to any company, especially those tasked with the storage and protection…
Today, we are open-sourcing our solution for detecting secrets in video content. We use it internally to search videos published…
The principle of least privilege (PoLP) is a concept in which a user’s access rights should be limited to the…