Secure your application
GitLab can check your applications for security vulnerabilities.
|
Getting started Overview of how features fit together. |
Application security Scanning, vulnerabilities, compliance, customization, reporting. |
Security configuration Configuration, testing, compliance, scanning, enablement. |
|
Container Scanning Image vulnerability scanning, configuration, customization, reporting. |
Dependency Scanning Vulnerabilities, remediation, configuration, analyzers, reports. |
Comparison Dependency Scanning compared to Container Scanning. |
|
Dependency List vulnerabilities, licenses, filtering, exporting. |
Continuous Vulnerability Scanning Scanning, dependencies, advisories, background jobs. |
Static Application Security Testing Scanning, configuration, analyzers, vulnerabilities, reporting, customization, integration. |
|
Infrastructure as Code (IaC) Scanning Vulnerability detection, configuration analysis, pipeline integration. |
Secret detection Detection, prevention, monitoring, storage, revocation, reporting. |
Dynamic Application Security Testing (DAST) Automated penetration testing, vulnerability detection, web application scanning, security assessment, CI/CD integration. |
|
API Security Protection, analysis, testing, scanning, discovery. |
Web API Fuzz Testing Testing, security, vulnerabilities, automation, errors. |
Coverage-guided fuzz testing Coverage-guided fuzzing, random inputs, unexpected behavior. |
|
Security Dashboard Security dashboards, vulnerability trends, project ratings, metrics. |
Offline environments Offline security scanning, resolving vulnerabilities. |
Vulnerability Report Filtering, grouping, exporting, manual addition. |
|
Vulnerability Page Vulnerability details, status, resolution, linking issues. |
Vulnerability severity levels Classification, impact, prioritization, risk assessment. |
GitLab Advisory Database Security advisories, vulnerabilities, dependencies, database, updates. |
|
CVE ID requests Vulnerability tracking, security disclosure. |
Policies Security policies, enforcement, compliance, approvals, scans. |
Security scanner integration Reporting, vulnerabilities, remediations, tracking. |