Overview
Product Information on GitLab
Updated 22nd November 2023
What is GitLab?
GitLab Pricing
GitLab Product Images
Overall experience with GitLab
It Security & Risk Management Associate
50M - 250M USD, Consumer GoodsFAVORABLE
“The Definitive DevSecOps Platform for Securing the Supply Chain on the GCP”
Transitioning to GitLab Ultimate has fundamentally shifted our posture from "reactive patching" to "proactive supply chain security". As an organisation heavily invested in the Google ecosystem, the ability to consolidate source code management, CI/CD and security scanning into a single platform has significantly reduced our operational overhead.
IT ASSOCIATE
3B - 10B USD, RetailCRITICAL
“Exploring Vulnerability Scanning and Resolution on GitLab”
GitLab has decent vulnerability scanning features by incorporating the functionality built-in Gitlab CI/CD job configurations. Helps scan container images, package dependencies, and licensed included programming code. Providing a vulnerability report, severity and also recommendations to resolve is pretty handy.
Badges
Gartner Peer Insights recognizes vendors who meet or exceed both the market average Overall Experience and the market average User Interest and Adoption score through a Customers’ Choice distinction.
About Company
Company Description
GitLab is a comprehensive AI-powered DevSecOps platform for software innovation. As a software delivery platform for development, security, and operations teams, GitLab brings security and compliance to AI-powered workflows throughout the software delivery lifecycle, helping customers deliver secure software faster. GitLab Duo, the company’s suite of AI capabilities, improves team collaboration and reduces the security and compliance risks of AI adoption by bringing the entire software development lifecycle into a single AI-powered application that is privacy-first. With GitLab, customers can visualize their end-to-end value streams, boost developer productivity with out-of-the-box analytics, and secure their software supply chain with SAST, DAST, secret detection, container scanning, and API testing. It enables organizations to increase developer productivity, improve operational efficiency, and accelerate cloud transformations to maximize the overall return on software development.
Company Details
Company type
Public
Year Founded
2014
Head office location
United States
Number of employees
1001 - 5000
Website
Do You Manage Peer Insights at GitLab?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Top GitLab Alternatives
Peer Discussions
What Your Peers Are Saying About GitLab
Director of Information Security
Best Practices to create a SBOM with EOS/EOL Timeline to aid vulnerability remediation (currently use GitLab as our pipeline and Nexus repository).Group Director of Information Security
See Full DiscussionIt's a 5-step process which you will need to correlate for your environment.
1. Integrate dependency scanners (e.g., GitLab's built-in scanner, Trivy, Snyk, OWASP Dependency-Check or your existing Nexus repo) to flag outdated dependencies and use GitLab’s security dashboard to monitor deprecated packages.
2. Set up GitLab CI/CD rules to fail builds if EOL/EOS dependencies are detected and enforce allow/block lists for dependencies using GitLab’s security policies.
3. Configure GitLab to generate reports when a dependency is approaching its EOL and see if you can use GitLab’s webhook integrations to notify security teams via Slack, email, or Jira.
4. Implement dependency auto-updating tools (e.g., Renovate, Dependabot) to replace (identified & manually verified) EOL/EOS components. If no direct upgrade path exists, isolate the outdated component via containerization or sandboxing.
5. Maintain a historical record of all SBOMs and EOL/EOS alerts for compliance audits (ISO 27001, NIST, etc.). Regularly conduct security reviews using GitLab’s security reports.
IT Analyst
What has been your experience utilizing GITLAB (not GITHUB) to implement CI/CD for Athena and AWS GLUE, specifically for a process to transfer changes in Athena Views from the development environment to production?CTO
See Full DiscussionWe have used gitlab CI CD pipelines using terraform for all AWS resources, not athena or glue specifically though.
GitLab Reviews and Ratings
Filter Reviews
Sort By:
Most helpful
Last 12 Months
Star Rating
Reviewer Type
Reviewer's Company Size
Reviewer's Industry
Reviewer's Region
Reviewer's Job Function
- It Security & Risk Management Associate50M-1B USDConsumer GoodsReview Source
The Definitive DevSecOps Platform for Securing the Supply Chain on the GCP
Transitioning to GitLab Ultimate has fundamentally shifted our posture from "reactive patching" to "proactive supply chain security". As an organisation heavily invested in the Google ecosystem, the ability to consolidate source code management, CI/CD and security scanning into a single platform has significantly reduced our operational overhead. - IT Security & Risk Management Associate1B-10B USDBankingReview Source
Integrated CI/CD and Security Features Simplify Workflows But Challenge New Adopters
GitLab provides a comprehensive platform that successfully unifies source code management with robust CI/CD pipelines. From an enterprise security and infrastructure perspective, it facilitates a strong DEvSecOps culture by integrating security scanning directly into deployment workflows - IT SECURITY & RISK MANAGEMENT ASSOCIATE50M-1B USDSoftwareReview Source
Onboarding Is Streamlined Yet Accessing Advanced Functions Can Be Challenging
As a SaaS cloud hosted code repository, it seems to do what you would expect. - Sr. Security Consultant50M-1B USDIT ServicesReview Source
Comprehensive DevOps Platform Offers Advanced CI/CD and Security With Integration Ease
robust devops platform; strong CI/CD, security and integration - RPA DEVELOPER50M-1B USDIT ServicesReview Source
Decoding the Assurance of Security in SAC Tool
I have been working on this tool for a few months SAC is nothing but a security certificate that assures this tool is very secure and protected to their users.
Showing Result 1-5 of 13
Recommended Gartner Insights
This service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.
