GitLab Reviews & Ratings 2026 | Gartner Peer Insights

Name: GitLab
Rating: 4.4 (1430 reviews)

Overview

Product Information on GitLab

Updated 22nd November 2023

What is GitLab?

GitLab is a comprehensive AI-powered DevSecOps platform that seamlessly unites security and development teams while helping customers standardize pipelines around security and compliance policies. It provides the visibility and controls necessary to create more secure software and ensure end-to-end software supply chain security. GitLab enables customers to (1) find and fix vulnerabilities in application code and cloud-native environments, (2) have one tool for both developers and security professionals to improve collaboration, (3) create and ingest software bill of materials (SBOMs) and ensure adherence to license compliance, (4) seamlessly integrate security scanners into the CI/CD pipeline out of the box, with no additional licenses to manage, (5) implement a broad range of policies and common controls for compliance, (6) simplify adoption of security and governance capabilities across the SDLC.

Overall experience with GitLab

DIRECTOR OF IT SERVICES

<50M USD, IT Services

FAVORABLE

“GitLab's Built-In Security Testing Streamlines CI/CD but Requires Fine-Tuning for Performance and Accuracy”

4.0

Nov 12, 2025

GitLab's Application Security Testing features integrate seamlessly into our CI/CD pipelines, making it easy to identify and address vulnerabilities early in the development process. Overall, the platform is stable, reliable and intuitive. However, the security scan configuration process could be more streamlined.

Principal Software Engineer

<50M USD, IT Services

CRITICAL

“GitLab is good, but I think they can do better”

3.0

Nov 25, 2025

I will be honest, when we started using GitLab, I had high hopes, but with other tools on the market, I feel like ither solutions are better

Badges

Gartner Peer Insights recognizes vendors who meet or exceed both the market average Overall Experience and the market average User Interest and Adoption score through a Customers’ Choice distinction.

For Market:
DevOps Platforms (Transitioning to DevSecOps Platforms)

For Market:
Application Security Posture Management (ASPM) Tools

About Company

Company Description

GitLab is a comprehensive AI-powered DevSecOps platform for software innovation. As a software delivery platform for development, security, and operations teams, GitLab brings security and compliance to AI-powered workflows throughout the software delivery lifecycle, helping customers deliver secure software faster. GitLab Duo, the company’s suite of AI capabilities, improves team collaboration and reduces the security and compliance risks of AI adoption by bringing the entire software development lifecycle into a single AI-powered application that is privacy-first. With GitLab, customers can visualize their end-to-end value streams, boost developer productivity with out-of-the-box analytics, and secure their software supply chain with SAST, DAST, secret detection, container scanning, and API testing. It enables organizations to increase developer productivity, improve operational efficiency, and accelerate cloud transformations to maximize the overall return on software development.

Company Details

Company type

Public

Year Founded

2014

Head office location

United States

Number of employees

1001 - 5000

Website

https://about.gitlab.com/

Do You Manage Peer Insights at GitLab?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

Reviewer Insights for: GitLab

Deciding Factors: GitLab Vs. Market Average

Performance of GitLab Across Market Features

GitLab Likes & Dislikes

GitLab provides centralized visibility across our repositories and pipelines. Its proactive risk management tools detect issues early and the compliance dashboard offers valuable insights into code quality and security posture. The integration of SAST, dependency scanning and secret detection within the same workflow reduces friction for developers and helps enforce consistent security standards.

Community and support, there is so many tools to integrate, and documentation is well placed.

It is really simple and easy to use.

Security scans can slow down build performance and the initial setup can be complex, especially for larger teams. I have also encountered a fair number of false positives that require manual triage, which can add to overhead.

The UI can be changed and optimized, specially if you are new, you will get lost, but once you get familiar, it will be fine

Nothing at all

Top GitLab Alternatives

4.6

(401 Ratings)

4.6

(398 Ratings)

4.8

(246 Ratings)

View All Alternatives

Peer Discussions

What Your Peers Are Saying About GitLab

Director of Information Security

Best Practices to create a SBOM with EOS/EOL Timeline to aid vulnerability remediation (currently use GitLab as our pipeline and Nexus repository).

Group Director of Information Security

It's a 5-step process which you will need to correlate for your environment. 1. Integrate dependency scanners (e.g., GitLab's built-in scanner, Trivy, Snyk, OWASP Dependency-Check or your existing Nexus repo) to flag outdated dependencies and use GitLab’s security dashboard to monitor deprecated packages. 2. Set up GitLab CI/CD rules to fail builds if EOL/EOS dependencies are detected and enforce allow/block lists for dependencies using GitLab’s security policies. 3. Configure GitLab to generate reports when a dependency is approaching its EOL and see if you can use GitLab’s webhook integrations to notify security teams via Slack, email, or Jira. 4. Implement dependency auto-updating tools (e.g., Renovate, Dependabot) to replace (identified & manually verified) EOL/EOS components. If no direct upgrade path exists, isolate the outdated component via containerization or sandboxing. 5. Maintain a historical record of all SBOMs and EOL/EOS alerts for compliance audits (ISO 27001, NIST, etc.). Regularly conduct security reviews using GitLab’s security reports.

See Full Discussion

22 Feb 2025457 Views1 Comment

IT Analyst

What has been your experience utilizing GITLAB (not GITHUB) to implement CI/CD for Athena and AWS GLUE, specifically for a process to transfer changes in Athena Views from the development environment to production?

CTO

We have used gitlab CI CD pipelines using terraform for all AWS resources, not athena or glue specifically though.

See Full Discussion

18 May 20231.1k Views1 Comment

GitLab Reviews and Ratings

Showing data for 191 ratings and reviews for Application Security Testing market. View all 1430 ratings and reviews across markets for a complete picture.

4.4

(191 Ratings)

Rating Distribution

5 Star: 47%
4 Star: 49%
3 Star: 5%
2 Star: 0%
1 Star: 0%

Customer Experience

Evaluation & Contracting

4.4

Integration & Deployment

4.5

Service & Support

4.5

Product Capabilities

4.5

Filter Reviews

Sort By:

Most helpful

Last 12 Months

Star Rating

Reviewer Type

Reviewer's Company Size

Reviewer's Industry

Reviewer's Region

Reviewer's Job Function

DIRECTOR OF IT SERVICES
<50M USD
IT Services
Review Source
GitLab's Built-In Security Testing Streamlines CI/CD but Requires Fine-Tuning for Performance and Accuracy
4.0
Nov 12, 2025
GitLab's Application Security Testing features integrate seamlessly into our CI/CD pipelines, making it easy to identify and address vulnerabilities early in the development process. Overall, the platform is stable, reliable and intuitive. However, the security scan configuration process could be more streamlined.
Principal Software Engineer
<50M USD
IT Services
Review Source
GitLab is good, but I think they can do better
3.0
Nov 25, 2025
I will be honest, when we started using GitLab, I had high hopes, but with other tools on the market, I feel like ither solutions are better
ENGINEER
50M-1B USD
IT Services
Review Source
Open Source Version Praised for Simplicity and Ease of Use
5.0
Oct 21, 2025
Really like it and the open source version is also really good. good for security testing.
Front End Developer
50M-1B USD
Software
Review Source
Enhancing Workflow and Frontend Development with Automation
5.0
Jan 20, 2025
I have been using this for a few years in my organisation for project purposes. It provides a seamless integration which helps me in linting for JavaScript, CSS and HTML. It really helped me in running tests and end to end tests with the help of jest and cypress. It has great built-in tools for frontend development.
Software Engineer
<50M USD
Software
Review Source
Comprehensive security testing, but complicated to use.
5.0
Jan 13, 2025
I have been using GitLab for application security testing in our development pipeline, and it's been quite effective. Integration with CI/CD workflows makes it easy to identify security vulnerabilities early. It helped us catch issues during development in an automated way.

...

Showing Result 1-5 of 198

GitLab