Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

At GitLab, we're committed to Information Security. It is GitLab’s mission to make it so that everyone can contribute, and it's our Security Division's mission to enable everyone to innovate and succeed on a safe, secure, and trusted DevSecOps platform. To learn more, visit the security section of our handbook.

GitLab's AI Transparency Center can be found here.

Start your security review
View & download sensitive information
Ask for information
Goldman Sachs-company-logoGoldman Sachs
Airbus-company-logoAirbus
Lockheed Martin-company-logoLockheed Martin
NVIDIA-company-logoNVIDIA
UBS-company-logoUBS
Pentest Executive Summary

Knowledge Base

    Do GitLab's AI-features process personal data as part of the Services?
    Do you have contracts with sub-processors that are substantially similar to the data processing provisions entered into with Customer?
    Does GitLab collect sensitive data?
    Will GitLab transfer Customer personal data outside of the European Economic Area (EEA)?
    Do you have a transfer impact guide for Customers transferring EEA data to GitLab in the United States?
View more

Trust Center Updates

Documents Updated with Japanese, German, and French Translations

GeneralCopy link

GitLab has updated the following documents for both GitLab.com and GitLab Dedicated with Japanese, German, and French translations:

  • Securing Customer Data Report
  • GitLab Technical Paper - Securing GitLab's Supply Chain
  • CAIQ
  • ISO Certificate
  • ISO 27001 Summary Letter
Published at N/A

Sisense Incident

IncidentsCopy link

GitLab is aware of a recently reported data breach at Sisense. GitLab does not currently use Sisense for GitLab.com, GitLab Dedicated, or GitLab self-hosted deployments.

GitLab is a former customer of Sisense and at the termination of our contract in March 2024, GitLab rotated secrets as part of our routine security operations. Out of an abundance of caution following the reported data breach, GitLab followed Sisense's recommended remediation measures on 2024-04-11.

We have taken additional measures to identify any unauthorized usage of Sisense related keys, tokens or credentials within GitLab and have not uncovered any suspicious activity to date.

Please reach out if you have any further questions.

Published at N/A

GitLab.com and GitLab Dedicated CAIQs Updated

ComplianceCopy link

The GitLab.com and GitLab Dedicated CAIQs have been updated to the latest version, 4.0.3. Please use the STAR Registry link on GitLab's Trust Center to view and download the latest version of the questionnaire.

Published at N/A

ESG Card Updated

GeneralCopy link

GitLab has updated the ESG card for both GItLab.com and GitLab Dedicated! To learn more about how GitLab addresses Environmental, Social, and Governance concerns, please visit our trust center.

Published at N/A

GitLab Critical Security Release: 16.7.2, 16.6.4, 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE)

VulnerabilitiesCopy link

Today we are releasing versions 16.7.2, 16.6.4, 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE).

These versions contain important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version.

Please see the release post for important details and instructions.

Published at N/A*

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo