This is a label used by the Application Security team to apply on everything that's related to our team's projects.

This is a label used by the Application Security team to apply on everything that's related to our critical projects.

Track Security Requirements on different projects

AppSec work not covered by other AppSecWorkType labels

General administrative work on the Red Team (handbook updates, metrics, meetings, etc).

Functionality required by GitLab Product Security teams.

An MR that modifies existing non-vulnerable functionality to be more robust if an “earlier” security control fails.

A new tool, method, class, check that, gives GitLab’s contributors an easier way to perform an activity securely.

Work done as part of the effort to integrate functionality from custom in-house tooling into a GitLab product.

The work type isn’t entirely clear yet, but we don’t want to block progress for now.

Indicates the work was associated to the AppSec Security release task issue duties

Indicates the work was associated to a customer escalating a security issue

Indicates the work was associated to a SIRT incidents and/or Security communications work

Indicates the work was associated to our tools and automation

Indicates the work was associated to cross-team help/collaboration

Indicates the work was associated to HackerOne administration