Shift security left to empower developers to find and fix security flaws as they are created.

• Automatically include application security testing in your CI pipelines – one tool, one cost, one user interface, one source of truth to unite dev and sec.
• Provide actionable scan results to the developer to assess and resolve potential vulnerabilities at code commit, before code is merged – even for DAST.
• Auto Remediation automatically creates a patch to resolve some vulnerabilities.
• Scanners include SAST , DAST, Dependency scanning, License Compliance, Container scanning, Cluster Image Scanning, web API testing, Infrastructure-as-code](https://docs.gitlab.com/ee/user/application_security/iac_scanning/) (IaC) testing, Secret Detection

Assess and triage vulnerabilities that remain after code changes are merged.

• Security pros can manage vulnerabilities across projects and groups to evaluate and triage vulnerabilities.
• Dynamically test running web applications on demand for known runtime vulnerabilities.
• Show all dependencies used in a project via a Dependency List (also called a Bill of Materials).
• Export findings, import findings from their party scanners and bug bounties. Filter by scanner vendor

Automate security and compliance policies across your software development lifecycle with GitLab Ultimate.

• Compliant pipelines for consistent use of security policies. Security configuration via check-boxes and granular controls – no need to code pipelines.
• Security dashboards at the project, group, and instance level, along with a personalized view of specific projects.
• Policy management for MR approvals, separation of duties and other common controls, including a Compliance Report.

• Container scanning, cluster image scanning, Infrastructure-as-code (IaC) scanning, web API fuzzing. All scan results are provided to the developer within their CI pipeline alongside more traditional scan results – no do-it-yourself integration is required.
• Alerts and protection for applications deployed in connected Kubernetes clusters is also an feature s of GitLab Ultimate. At the network layer, Container Network Security filters traffic going in and out of the cluster and traffic between pods inside the cluster. Inside the container, Container Host Security can monitor and block activity inside the containers themselves.