Field Security Team

Governance and Field Security team charter

The Field Security team serves as the public representation of GitLab’s internal Security function. Our vision is to be the leading example in collaborative and transparent Customer Assurance Programs. Our mission is to empower the GitLab community with confidence and trust that their data is protected with high levels of security assurance to drive revenue growth. We partner with our fellow GitLab team members and customers to provide a pathway to yes!

Core Competencies

The Field Security team is tasked with providing high levels of security assurance to internal and external customers. We work with all GitLab departments to document requests, analyze the risks associated with those requests, and provide value-added remediation recommendations. We do this in four main ways:


Metrics and Measures of Success

Security Impact on Net ARR

Contact the Team

Ayoub Fandi, @ayofan, Staff Security Assurance Engineer, Field Security

Jonathan Snow, @jgsnow, Senior Security Assurance Engineer, Field Security

Joe Longo, @jlongo_gitlab, Senior Manager, Governance and Field Security

Note: The areas above relate to each team member's primary responsibility. However, each team member is cross-trained in all processes and provides backup to the others where applicable.

  • GitLab Issues
    • /gitlab-com/gl-security/security-assurance/field-security-team
  • Email
    • security-assurance@gitlab.com
  • Slack
    • Group Handle
      • @field-security
    • Primary Slack Channels
      • #sec-fieldsecurity
      • #sec-assurance

Feedback and the Future of Field Security

Do you have an idea, feedback, or recommendation for how Field Security can better support you? Please open a General Request issue in the Field Security Project.

References


Annual Field Security Study
Overview GitLab conducts an annual Field Security Study to document areas of concern or improvement …
AnswerBase Quality Guide
Purpose The purpose of this guide is to establish quality expectations for AnswerBase. Quality …
Field Security Engagement in QBRs
Overview GitLab conducts Quarterly Business Reviews during the first month of every quarter to …
Field Security Observation and OFI Quality Guide
Purpose This guide is designed to establish the quality expectations for observations and OFIs …
Field Security Research Program
Why a Research program? One of Field Security’s critical missions is to impact the broader …
Field Security Sales Training Program
Why a security sales training program? One of Field Security’s critical missions is to improve …
GitLab's Customer Assurance Activities
If you would like to request security collateral which are under NDA, (such as SOC 2 Type 2, …
Independent Security Assurance
Overview GitLab contracts with third parties to conduct annual network and application penetration …
Knowledge Base
What is the knowledge base? The knowledge base is a library of question and answer pairs related to …
Request for Information Process
Request for Information / Details If a customer, or potential customer, has questions related to …
Security Evangelism
Why do we evangelise? One of Field Security’s critical missions is to improve internal and …
Trust Center Guide
Are you looking for GitLab’s Trust Center? GitLab's Trust Center (Click Here!) Do you have 120 …
Last modified February 10, 2025: Remove unintented links (b66a7c53)