Secure your application
GitLab can check your applications for security vulnerabilities.
| Getting started Overview of how features fit together. | Application security Scanning, vulnerabilities, compliance, customization, reporting. | Security configuration Configuration, testing, compliance, scanning, enablement. |
| Container Scanning Image vulnerability scanning, configuration, customization, reporting. | Dependency Scanning Vulnerabilities, remediation, configuration, analyzers, reports. | Comparison Dependency Scanning compared to Container Scanning. |
| Dependency List vulnerabilities, licenses, filtering, exporting. | Continuous Vulnerability Scanning Scanning, dependencies, advisories, background jobs. | Static Application Security Testing Scanning, configuration, analyzers, vulnerabilities, reporting, customization, integration. |
| Infrastructure as Code (IaC) Scanning Vulnerability detection, configuration analysis, pipeline integration. | Secret detection Detection, prevention, monitoring, storage, revocation, reporting. | Dynamic Application Security Testing (DAST) Automated penetration testing, vulnerability detection, web application scanning, security assessment, CI/CD integration. |
| API Security Protection, analysis, testing, scanning, discovery. | Web API Fuzz Testing Testing, security, vulnerabilities, automation, errors. | Coverage-guided fuzz testing Coverage-guided fuzzing, random inputs, unexpected behavior. |
| Security Dashboard Security dashboards, vulnerability trends, project ratings, metrics. | Offline environments Offline security scanning, resolving vulnerabilities. | Vulnerability Report Filtering, grouping, exporting, manual addition. |
| Vulnerability Page Vulnerability details, status, resolution, linking issues. | Vulnerability severity levels Classification, impact, prioritization, risk assessment. | GitLab Advisory Database Security advisories, vulnerabilities, dependencies, database, updates. |
| CVE ID requests Vulnerability tracking, security disclosure. | Policies Security policies, enforcement, compliance, approvals, scans. | Security scanner integration Reporting, vulnerabilities, remediations, tracking. |
Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).
Request support