►
From YouTube: SKO 21 Security Summary
Description
@mmaneval, Risk and Field Security Team GitLab, provides an overview of why GitLab's security team is a market differentiator for GitLab customers.
A
Hey
everyone:
my
name
is
megan
manaval
manager
of
the
risk
and
field
security
team
here
at
get
lab
on
behalf
of
myself
and
the
entire
gitlab
security
department.
Thank
you
for
allowing
us
the
chance
to
participate
in
this
year's
sales.
Kickoff.
We
have
a
jam-packed
week
of
content
that
you
will
not
want
to
miss
throughout
the
week.
Our
goal
is
to
highlight
all
the
ways
that
security
can
help.
A
You
meet
your
goals
and
close
those
deals
by
embracing
transparency,
providing
support
via
a
dedicated
team
and
dedicating
our
time
to
research
while
crafting
a
customer
driven
roadmap,
but
if
you're
unable
to
make
it
to
our
booth
fear.
Not
here
are
some
highlights
for
you
on
the
review
in
your
own
time.
If
you
have
any
questions,
our
team
is
always
available
in
a
slack
channel
sec
field
security,
gitlab
security
department
has
a
fairly
unique
structure
with
many
functions
that
are
not
common
among
our
competitors.
A
For
starters,
we
have
over
50
gitlab
team
members
as
part
of
our
security
department,
so
we
offer
24x7
coverage
for
all
of
your
security
needs.
Our
security
department
has
three
main
teams:
secure
the
product,
protect
the
company
and
assure
the
customer.
The
first
team
secure
the
product
works
together
with
application,
development
and
release
processes
to
ensure
that
our
product
is
as
secure
as
can
be.
The
team
does
security
research,
including
our
hacker
one
bug
bounty
program
as
well
as
security,
automation
and
vulnerability
management.
A
The
second
team
protect
the
company
is
tasked
with
maintaining
the
security
posture
of
gitlab.com
to
ensure
enterprise
level
security
is
in
place
to
protect
our
new
and
existing
customers.
Our
competitors
likely
have
traditional
incident
response,
however,
get
lab
security.
Operational
sub
department
takes
it
to
the
next
level,
including
not
only
a
cert
team,
but
also
our
trust
and
safety
team
who
looks
for
abuse
and
fraudulent
usage
of
get
lab,
as
well
as
our
red
team,
whose
job
it
is
to
stimulate
attacks
and
identify
potential
vulnerabilities.
A
The
third
sub
department
assure
the
customer,
includes
the
risk
and
field
security
team.
We
provide
resources
to
our
customers
related
to
the
security
and
safety
of
gitlab.
It's
common
for
our
competitors
to
have
independent
security
audits,
but
gitlab
has
an
executive,
backed
certification
roadmap
that
ensures
that
we
stay
aligned
with
our
customers,
compliance
requirements
and
ahead
of
our
competitors.
A
Our
security
department
is
dedicated
to
delivering
highly
transparent
results
in
line
with
gitlab's
values.
Have
you
ever
heard
of
a
ceo
tweeting
about
phishing
test
results?
I
sure
haven't,
but
that's
what
sets
us
apart
in
our
industry.
We
also
offer
that
true
customer
partnership
by
providing
you
with
lots
of
self-service
resources
and
a
dedicated
team
to
assist
you
with
security
related
concerns,
which
I'll
show
you
in
a
moment.
A
Our
self-service
resources
currently
include
our
trust
center,
as
well
as
our
customer
assurance
package.
These
pages
contain
lots
of
resources
that
likely
your
customers
will
want
to
know,
but
just
don't
know
it's
there.
We
also
have
dedicated
teams
that
are
here
to
support
you
and
your
needs.
As
you
identify
new
requests
from
the
field
you
can
reach
out
to
us
on
slack
through
our
main
slack
channel.
We
also
have
two
epics
open
to
collect
general
feedback,
as
well
as
certification,
feedback
for
future
growth
and
for
planning
our
roadmap.
A
So
what
do
we
need
from
you?
Well,
if
you
don't
mind
utilize,
our
self-service
resources,
they're
there
for
you
and
while
you're
at
it,
let
us
know
if
we
missed
anything,
don't
forget
to
utilize
your
dedicated
security
teams,
we're
here
for
you,
whether
it's
answering
a
questionnaire,
reviewing
contract
language
or
attending
a
customer
call.
That's
our
job,
we're
here
to
support
you
and
finally
provide
feedback.
Your
feedback
from
the
field
is
what
drives
our
roadmap.