---
layout: markdown_page
title: "Category Direction - Security Benchmarking"
---

- TOC
{:toc}

## Description

### Overview

GitLab will perform regular benchmarking of our own security
scanners. This allows us to understand our effectiveness relative to the market
and helps us focus improvements where they are most needed.

### Goal

Our goal with this category is to understand how our security tools compare
to other open-source security tools in terms of security
effectiveness.

Sub-goals of this category include:
1. Be able to provide this information to field staff and GitLab users who are
   concerned about the efficacy of our tools.
1. Give specific feedback to other categories on which parts can be improved
   and should have a higher level of focus.
1. Provide leadership within GitLab for conducting technical evaluations of
   security products and using fair testing and reporting methods.

### Roadmap
TBD

## What's Next & Why
We will start by creating a set of benchmarks for our existing scanners, such as SAST,
DAST, and Container Scanning. The results will be published so that they can be
viewed by GitLab team members and GitLab users.

## Maturity Plan

On an ongoing basis, we will update and refresh our existing benchmarks
to incorporate updates to existing scanners and evaluate any new tools that
have been released since the previous benchmark tests.

## Competitive Landscape
TBD

## Analyst Landscape
TBD

## Top Customer Success/Sales Issue(s)
TBD

## Top user issue(s)
TBD

## Top internal customer issue(s)
TBD

## Top Vision Item(s)