AI Security Working Group
The charter of this working group is to drive AI Security across GitLab components.
Attributes
| Property | Value |
|---|---|
| Date Created | June 12, 2025 |
| End Date | TBD |
| Slack | #wg_ai_security (internal) |
| Google Doc | Working Group Agenda (internal) |
| Epic | Main Project Epic (internal) |
| Handbook Page | GitLab’s FedRAMP Authorization Program |
Exit Criteria
- Best practices for implementing AI prompts are documented in our Contributor documentation.
- Proof-of-concepts are executed and recorded to understand what AI security tooling could offer SaaS, Dedicated, and Self-Managed customers.
- Our CI/CD pipeline will trigger code review of merge requests and provide actionable advice for contributors.
- Our CI/CD pipeline will block merge requests that do not meet secure development standards we establish for our AI offerings.
Roles and Responsibilities
| Working Group Role | Team Member Name | Role |
|---|---|---|
| Executive Sponsor | Jamie Dicken | Director, Security Platforms and Architecture |
| Executive Sponsor | Julie Davila | VP, Product Security |
| Executive Sponsor | Tim Zallmann | VP, AI Engineering |
| Functional Lead | Erran Carey | Staff Fullstack Engineer |
| Functional Lead | Jessie Young | Principal Engineer |
| Functional Lead | Joern Schneeweisz | Principal Security Engineer |
| Member | Daniel Hauenstein | Application Security Engineer, Product Security |
| Member | Vitor Meireles De Sousa | Senior Manager, AppSec, Product Security |
Last modified June 19, 2025: Add Daniel and Vitor as members of the AI Security working group (
0ec5da27)
