Application Security
The application security team's mission is to support the business and ensure that all GitLab products securely manage customer data.
Security Engineering
Security Engineering Sub-Department
The Security Engineering sub-department is responsible for technical and engineering security specific to the GitLab product and internal used systems or applications.
Teams
The Security Engineering sub-department includes the following teams. Learn more about each by visiting their Handbook pages.
- Application Security
- Infrastructure Security
- Security Logging
- Security Automation
- Security External Communications
- Product Security Engineering
Infrastructure Security Overview
GitLab's Infrastructure Security provides security oversight of the SaaS.
Product Security Engineering
The Product Security Engineering team's mission is to create proactive and preventative controls which will scale with the organization and result in improved product security.
Security Automation
The Security Automation team strives to protect GitLab and our customers as well as save us money through the automation of processes within Security Department teams, our primary customers. Our work is developed by dogfooding the product, similar to any traditional engineering development team at GitLab, and hosted on internal infrastructure co-managed by the Infrastructure Security team. Working closely with the Anti-Abuse team and other product teams, we often bring our research-driven and internal automations to the product for all to benefit through escalating levels of dogfooding.
Security Logging Overview
Security Logging supports and develops GitLab's security log ingestion platform.
Last modified September 27, 2023: Introduces Product Security Engineering to the handbook (
d2a5c8d7)