Security Configuration

Version history

The Security Configuration page lists the following for the security testing and compliance tools:

  • Name, description, and a documentation link.
  • Whether or not it is available.
  • A configuration button or a link to its configuration guide.

The status of each security control is determined by the project’s latest default branch CI pipeline. If a job with the expected security report artifact exists in the pipeline, the feature’s status is enabled.

If the latest pipeline used Auto DevOps, all security features are configured by default.

To view a project’s security configuration:

  1. On the top bar, select Menu > Projects and find your project.
  2. On the left sidebar, select Security & Compliance > Configuration.

Select Configuration history to see the .gitlab-ci.yml file’s history.

Security testing

You can configure the following security controls:


You can configure the following security controls: