Security Engineering

Security Engineering Sub-Department

The Security Engineering sub-department is responsible for technical and engineering security specific to the GitLab product and internal used systems or applications.


The Security Engineering sub-department includes the following teams. Learn more about each by visiting their Handbook pages.

Application Security
The application security team's mission is to support the business and ensure that all GitLab products securely manage customer data.
Infrastructure Security Overview
GitLab's Infrastructure Security provides security oversight of the SaaS.
Product Security Engineering
The Product Security Engineering team's mission is to create proactive and preventative controls which will scale with the organization and result in improved product security.
Security Automation
The Security Automation team strives to protect GitLab and our customers as well as save us money through the automation of processes within Security Department teams, our primary customers. Our work is developed by dogfooding the product, similar to any traditional engineering development team at GitLab, and hosted on internal infrastructure co-managed by the Infrastructure Security team. Working closely with the Anti-Abuse team and other product teams, we often bring our research-driven and internal automations to the product for all to benefit through escalating levels of dogfooding.
Security Logging Overview
Security Logging supports and develops GitLab's security log ingestion platform.