Archive for the ‘DevSecOps’ Category

GitLab and Log4J Vulnerability

Concerning the reported Log4J vulnerability (CVE-2021-44228), you should know that GitLab does not use Log4j or Log4j2 packages. GitLab was written using Ruby, JS and Go so it uses different log libraries. If you use GitLab Advance Search or Code Search features (available in paid edition including Premium, Ultimate and Starter) you should know it […]

Read more »

Vault HCP Cloud VS Vault Enterprise

As you probably know, a few months ago HashiCorp started offering the popular Vault product as a managed service in the cloud (known as “Vault HCP” or Vault Cloud), until then this had  only been offered as an on-premises product – Vault OSS and Vault Enterprise. We recently (in response to questions from our customers) […]

Read more »

Code Security and Compliance using GitLab

Besides version control and CI/CD, GitLab also offers a variety of security tests on your proprietary code (code you develop) or external code you use (i.e. open source), as well as code compliance capabilities – to help you ensure that you make proper and legal use of any open source libraries and code snippets. In […]

Read more »

New: CI Module for “The Shield” application to improve its Code Security and Fight Coronavirus

To encourage downloads of the ‘Shield’ app that fights coronavirus, we have built a complementary Continuous Integration (CI) solution and code scanners to improve information security, code security and privacy of the app. We also invite the developers to use it freely and continuously in future. A few days ago, the Israeli Ministry of Health […]

Read more »

Join our upcoming HashiCorp Vault Webinar

Next week we are hosting a HashiCorp employee to discuss different aspects of using Vault effectively. Webinar is free of charge. Introducing Vault ; Integration with OpenShift and “Ask Me Anything” (July 31st 11AM CET) We are hosting Lieuwe Helmus, Senior Solution Engineer in HashiCorp Company, to discuss about Vault, integration with OpenShift and give you the chance to […]

Read more »

How GitLab and Kubernetes Work Together

GitLab is considered a breakthrough tool not just as a version control and CI tool – but also as a strong CD (Continuous Deployment) tool, especially if you work with containers (such as Docker) and Kubernetes. To demonstrate these benefits of GitLab,we have collected 7 selected videos that were released in the past year. They […]

Read more »

GitLab Acquires Gemnasium and Offers New Built-in Code Security Features

GitLab has acquired Gemnasium, a service that scans for security vulnerabilities in open source libraries, and soon it will be part of the GitLab product. This move helps GitLab users enjoy static code analysis; dynamic security testing; security container scanning and more. The tool can now scan Ruby, Python and JavaScript code languages, and very […]

Read more »