Security Threat Management
Security Threat Management Sub-Department
The Security Threat Management sub-department is responsible for identifying and remediating vulnerabilities or threats that may impact GitLab, our Team Members or our Customers and the community at large.
Security Threat Management Mission
The Security Threat Management sub-department’s mission is to support the business and our overall security efforts by ensuring that we are focused on real world threats and vulnerabilities that impact us. We accomplish this by:
- working closely with engineering, product, infrastructure, and other security department teams
- designing and deploying vulnerability and threat management processes
- conducting in-depth security related research and assessments
- transparently communicating important information externally to customers and the community alike
Teams
The Security Threat Management sub-department includes the following teams. Learn more about each by visiting their Handbook pages.
- Security Identity Engineering leads the technical strategy and automation implementation of next-generation identity and access management (IAM), role-based access control (RBAC), and administrative access controls for internal GitLab systems, cloud infrastructure, and tech stack applications.
The Identity Engineering team leads the technical strategy and automation implementation of identity and access management (IAM), role-based access control (RBAC), and administrative access controls for internal GitLab systems, cloud infrastructure, and tech stack applications. The Security team focuses on customer and product trust, while the Business Technology and IT team focuses on compliance and financial trust.