The Trust and Safety team is a sub department of the Security Team at GitLab that forms part of the Security Operations subdepartment in Security at GitLab Inc and are tasked with the mitigation of Abuse on gitlab.com.
Mission
Our mission is to help build and maintain user trust, while keeping the GitLab platform safe and harm-free to help enable everyone to contribute.
We aim to achieve this by building a culture of care, protection, and a respect for privacy. We aim to stop the “bad” while also enabling the “good”.
Vision
Our vision for GitLab Trust and Safety is to build a team and tooling capable of achieving both accuracy and scale in our work.
We want to make our corner of the internet a little safer, but also be the best internet citizens we can be by helping to detect and report abuse externally.
For Open Source Program Partners, Premium and Ultimate customers that would like to discuss, and potentially improve, your current abuse prevention and mitigation strategies, you can reach us at abuse@gitlab.com. Include any relevant information as to the abuse issue you are currently experiencing to help us provide the most relevant information.
Abuse prevention/mitigation feature requests or suggestions should be created in the Feature Proposal issue from the provided templates in the Project, add the ~Abuse Prevention label.
Feature proposals can be submitted for the following:
You can tag @gitlab-com/gl-security/security-operations/trust-and-safety and @gitlab-org/modelops/anti-abuse to review the GitLab issue.
GitLab team members can reach Trust and Safety via
Slack: #abuse channel using the team Slack handle: @trust-and-safety
Non-urgent queries should be created in our Operations Tracker or tag us (@gitlab-com/gl-security/security-operations/trust-and-safety) in the issue and notify us in the #abuse slack channel.
For URGENT issues that require the immediate attention of the Trust and Safety team, use the /security Slack slash command, the command triggers the Trust and Safety Escalation Workflow and requests that you file an incident using a form. The form asks questions about the incident, which will help the Trust and Safety Team automatically determine severity and priority. Depending on which labels get assigned, the Trust and Safety on-call will be paged.
URGENT Trust and Safety issues are defined as instances of user generated abuse :
that is or has a high probability of resulting in service degradation or outages of GitLab.com and/or its features.
on GitLab.com that has the potential of causing significant legal, financial or reputational damage or liability to the company.
Non GitLab team members
Non GitLab members should use the report Abuse button to report abuse.
If you are running your own GitLab instance and looking for some tips and tricks to manage abuse on your instance, have a look at our DIY page for more information.
Detailed abuse reports can be reported via abuse@gitlab.com
If you would like to submit a more detailed report, you can do this by emailing abuse@gitlab.com where a member of our team will review your report.
Reinstating your gitlab.com account
Requests to have your reinstated can be done by reaching out to our Support Team.
Exceptions
Malware for Research Purposes
Making use of GitLab.com services to deliver malicious executables or as attack infrastructure is prohibited under the [GitLab Acceptable Use Policy] [link to be added once AUP has been launched].
We do however understand that making such technical details available for research purposes can benefit the wider community, and as such it will be allowed as an exception to our if the content meets the following criteria:
GitLab takes the intellectual property rights of others seriously and require that our users do the same. The Digital Millennium Copyright Act (DMCA) established a process for addressing claims of copyright infringement. If you own a copyright or have authority to act on behalf of a copyright owner and want to report a claim that a third party is infringing that material on or through GitLab’s services, review the Submitting a DMCA Notice section further below.
You can open an Account Reinstatement request with GitLab Support
Select GitLab.com (SaaS) user accounts and login issues and complete the form.
Wait for feedback from the support team.
DMCA Requests
I received a DMCA request and my Account is Blocked?
If you received a DMCA request for your account, you can do one of the following.
Review the request and determine whether or not you would like to submit a counter notice.
If you want to submit a counter notice, visit the Intellectual property on gitlab.compage.
Alternatively, you can agree to remove the copyright content from your account immediately.
Trademark Requests
I received a Trademark request and my Account is Blocked
Should you receive a Trademark take down request, you can do one of the following.
Agree to submit proof that you own the rights to use the reported Trademark.
Alternatively, you can agree to speedily remove the trademark content from your account.
Reported or Blocked Accounts
My account was reported for abuse, what can I do?
Should your account be blocked, continue to reach out to the GitLab support team to have your account reinstated.
My account was blocked for no reason
If you notice that your account was blocked, you can;
Reach out to GitLab Support to obtain more information on getting the block removed.
My account was blocked soon after signing up
If your account gets blocked soon after signing up, you can;
Reach out to GitLab Support to obtain more information on getting the block removed.
Security Research
Can I host Security Research tools?
Making use of GitLab.com services to deliver malicious executables or as attack infrastructure is prohibited under the GitLab Website Terms of Use (Section 3, “Responsibility of Website Visitors”).
When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
Cookie Policy
User ID: 8146ab86-0a2c-4c6c-994c-a81ee49002c5
This User ID will be used as a unique identifier while storing and accessing your preferences for future.
Timestamp: --
Strictly Necessary Cookies
Always Active
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, enabling you to securely log into the site, filling in forms, or using the customer checkout. GitLab processes any personal data collected through these cookies on the basis of our legitimate interest.
Functionality Cookies
These cookies enable helpful but non-essential website functions that improve your website experience. By recognizing you when you return to our website, they may, for example, allow us to personalize our content for you or remember your preferences. If you do not allow these cookies then some or all of these services may not function properly. GitLab processes any personal data collected through these cookies on the basis of your consent
Performance and Analytics Cookies
These cookies allow us and our third-party service providers to recognize and count the number of visitors on our websites and to see how visitors move around our websites when they are using it. This helps us improve our products and ensures that users can easily find what they need on our websites. These cookies usually generate aggregate statistics that are not associated with an individual. To the extent any personal data is collected through these cookies, GitLab processes that data on the basis of your consent.
Targeting and Advertising Cookies
These cookies enable different advertising related functions. They may allow us to record information about your visit to our websites, such as pages visited, links followed, and videos viewed so we can make our websites and the advertising displayed on it more relevant to your interests. They may be set through our website by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other websites. GitLab processes any personal data collected through these cookies on the basis of your consent.