Security Threat Management
Security Threat Management Sub-Department
The Security Threat Management sub-department is responsible for identifying and remediating vulnerabilities or threats that may impact GitLab, our Team Members or our Customers and the community at large.
Security Threat Management Mission
The Security Threat Management sub-department’s mission is to support the business and our overall security efforts by ensuring that we are focused on real world threats and vulnerabilities that impact us. We accomplish this by:
- working closely with engineering, product, infrastructure, and other security department teams
- designing and deploying vulnerability and threat management processes
- conducting in-depth security related research and assessments
- transparently communicating important information externally to customers and the community alike
The Security Threat Management sub-department includes the following teams. Learn more about each by visiting their Handbook pages.
- Security Research specialists conduct internal testing and research against GitLab assets, against FOSS that is critical to GitLab products and operations, and against vendor products being considered for purchase and integration with GitLab.
- Security Red Team conducts real word adversarial exercises and collaborates with our defensive and detection teams.
- Security Threat & Vulnerability Management focuses on ensuring that vulnerabilities are identified and mitigated in an easy but consistent manner. This team covers our infrastructure, code base and other pieces of GitLab’s infrastructure.