Trust Center


GitLab's Mission


At GitLab, we're committed to Information Security. It is GitLab’s mission to make it so that everyone can contribute, and it's our Security Division's mission to enable everyone to innovate and succeed on a safe, secure, and trusted DevSecOps platform. To learn more, visit the security section of our handbook.

Compliance

CCPA
CSA STAR
CSA Trusted Cloud Provider
GDPR
ISO 27001
ISO 27017
ISO 27018
SOC 2
SOC 3
TISAX
VPAT

GitLab is reviewed and trusted by

Goldman Sachs
Airbus
Lockheed Martin
NVIDIA
UBS

Pentest Executive Summary
ISO 27001
SOC 2
GitLab.com Data Security Overview
PCI DSS Management's Assertion
ISO 27017
ISO 27018
SOC 3
SIG Core
Product Hardening Guide
TIA Guide
BC/DR
GCP SOC 3 Report
GitLab Supply Chain Security Overview
ISO 20243
ISO 27001 Summary Letter
NIST SSDF Attestation
NIST SSDF Technical Paper

Risk Profile

Data Access Level: Internal
Impact Level: Substantial
Critical Dependence: No

Product Security

2-Factor Authentication
Audit Logging
Integrations

Reports

GitLab.com Data Security Overview
PCI DSS Management's Assertion
Pentest Executive Summary

Self-Assessments

CAIQ
SIG Core

Data Security

Backups Enabled
Data Retention
Encryption-at-rest

App Security

SBOM
Code Analysis

Data Privacy

Cookies
Data Breach Notifications
Data Privacy Contact

Access Control

Data Access
Logging
Password Security

Infrastructure

Status Monitoring
Anti-DDoS
BC/DR

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management

Network Security

DMARC
Firewall
Security Information and Event Management

Corporate Security

Email Protection
Employee Training
HR Security

Policies

Acceptable Use Policy
Access Management Policy
Backup Policy

Security Grades

Qualys SSL Labs
gitlab.com
A+

Knowledge Base

  • Is data classified according to type and sensitivity levels?
  • Is a data inventory created and maintained for sensitive and personal information (at a minimum)?
  • Are industry-accepted methods applied for secure data disposal from storage media so information is not recoverable by any forensic means?
  • Are data security and privacy policies and procedures reviewed and updated at least annually?
  • Are policies and procedures established, documented, approved, communicated, enforced, evaluated, and maintained for the classification, protection, and handling of data throughout its lifecycle according to all applicable laws and regulations, standards, and risk level?

Trust Center Updates

GitLab Critical Security Release: 16.7.2, 16.6.4, 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE)

Vulnerabilities

Today we are releasing versions 16.7.2, 16.6.4, 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE).

These versions contain important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version.

Please see the release post for important details and instructions.

Published at N/A*

If you think you may have discovered a vulnerability, please send us a note.
