Tutorials: Secure your application and check compliance

GitLab can check your application for security vulnerabilities and that it meets compliance requirements.

Topic	Description	Good for beginners
Set up dependency scanning	Learn how to detect vulnerabilities in an application’s dependencies.
Export Dependency List in SBOM format	Learn how to export an application’s dependencies to the CycloneDX SBOM format.
Create a compliance pipeline	Learn how to create compliance pipelines for your groups.
Set up a merge request approval policy	Learn how to configure a merge request approval policy that takes action based on scan results.
Set up a scan execution policy	Learn how to create a scan execution policy to enforce security scanning of your project.
Scan a Docker container for vulnerabilities	Learn how to use container scanning templates to add container scanning to your projects.
Protect your project with secret push protection	Enable secret push protection in your project.
Remove a secret from your commits	Learn how to remove a secret from your commit history.
Get started with GitLab application security	Follow recommended steps to set up security tools.
GitLab Security Essentials	Learn about the essential security capabilities of GitLab in this self-paced course.

Edit this page to fix an error or add an improvement in a merge request.

Create an issue to suggest an improvement to this page.

Create an issue if there's something you don't like about this feature.

Propose functionality by submitting a feature request.

View pricing to see all GitLab tiers and features, or to upgrade.

Try GitLab for free with access to all features for 30 days.

If you didn't find what you were looking for, search the docs.

If you want help with something specific and could use community support, post on the GitLab forum.

For problems setting up or using this feature (depending on your GitLab subscription).

Help & feedback