GitLab Virtual Commit 2020 - Secure & Defend Customer Followups
We're thrilled you joined us at GitLab Virtual Commit 2020. We had some great conversations about how to setup and use Secure and Defend features with unique configurations while following best practices.
To continue the conversation, if you have followups or additional questions, please share them in the comments below. Members of the Secure & Defend team will be responding for the next 30 days.
**Please remember, don't share sensitive information as this is a public issue. **
In addition, if you have a paid GitLab plan you can contact support with questions. Otherwise, you can also use GitLab support resources: https://about.gitlab.com/support/
You also may find these resources helpful:
- GitLab Secure & Defend Overview- https://about.gitlab.com/solutions/dev-sec-ops/ - See an overview of all GitLab's Secure & Defend functionality with links to relevant details about each product category.
- Blog: DevSecOps basics: 9 tips for shifting left - https://about.gitlab.com/blog/2020/06/23/efficient-devsecops-nine-tips-shift-left/ - Here's how to create an efficient DevSecOps practice and shift your security left.
- GitLab DevSecOps Tools in Action - https://www.youtube.com/watch?v=fPLEWnI4k6k&feature=emb_title - Overview of DevSecOps using GitLab Secure. Secure provides Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Scanning, and Dependency Scanning to help you deliver secure applications along with License Compliance.
- Blog: How application security engineers can use GitLab to secure their projects - https://about.gitlab.com/blog/2020/07/07/secure-stage-for-appsec/ - GitLab Security features help application security engineers collaborate more efficiently and better assess the security posture of the projects they oversee.
- 2020 DevSecOps Landscape Developer Survey Results - https://about.gitlab.com/developer-survey/ - This year, over 3,650 respondents from 21 countries spoke about their DevOps successes, challenges, and ongoing struggles. Three facts stood out: DevOps speeds up release times and improves code quality, but it has also dramatically changed the roles and responsibilities of developers, operations pros, security team members, and testers.
- GitLab Secure Direction - https://about.gitlab.com/direction/secure/ - Read about our Secure strategy and vision to understand where we are now, and where are headed with our Secure stage.
- Secure Documentation - https://docs.gitlab.com/ee/user/application_security/ - Learn about all our Secure features and how to get started with Container Scanning, Dependency Scanning, SAST, DAST, Secret Detection, Coverage Fuzzing, and more.
- GitLab Defend Direction - https://about.gitlab.com/direction/defend/ - Read about our Defend strategy and vision to understand where we are now, and where are headed with our Defend stage.
- Defend Documentation - https://docs.gitlab.com/ee/README.html#defend - - Learn about all our Defend features and how to get started with Web Application Firewall (WAF), Container Host Security, and Container Network Security.
Edited by Taylor McCaslin