# Table of Contents
- [Kubernetes GitOps Tooling Zone · GitLab](#kubernetes-gitops-tooling-zone-gitlab)
- [Sign up · GitLab](#sign-up-gitlab)
- [The most-comprehensive AI-powered DevSecOps platform | GitLab](#the-most-comprehensive-ai-powered-devsecops-platform-gitlab)
- [GitLab named a Leader in the 2024 Gartner® Magic Quadrant™ for AI Code Assistants | GitLab](#gitlab-named-a-leader-in-the-2024-gartner-magic-quadrant-for-ai-code-assistants-gitlab)
- [Platform | GitLab](#platform-gitlab)
- [Collaborate and accelerate in one place | GitLab](#collaborate-and-accelerate-in-one-place-gitlab)
- [Return on Investment Calculator | GitLab](#return-on-investment-calculator-gitlab)
- [What is Multicloud?](#what-is-multicloud-)
- [Explore projects · GitLab](#explore-projects-gitlab)
- [Lockheed Martin | GitLab](#lockheed-martin-gitlab)
- [Continuous Software Security | GitLab](#continuous-software-security-gitlab)
- [Software Supply Chain Security | GitLab](#software-supply-chain-security-gitlab)
- [GitLab for GitOps | GitLab](#gitlab-for-gitops-gitlab)
- [Continuous Software Compliance with GitLab | GitLab](#continuous-software-compliance-with-gitlab-gitlab)
- [Security Compliance | GitLab](#security-compliance-gitlab)
- [Sales | GitLab](#sales-gitlab)
- [Value Stream Management | GitLab](#value-stream-management-gitlab)
- [Get started with GitLab | GitLab](#get-started-with-gitlab-gitlab)
- [Why GitLab? | GitLab](#why-gitlab-gitlab)
- [GitLab Duo | GitLab](#gitlab-duo-gitlab)
- [Automated Software Delivery with GitLab | GitLab](#automated-software-delivery-with-gitlab-gitlab)
- [Analyze, discover and optimize the hidden value within your DevSecOps lifecycle | GitLab](#analyze-discover-and-optimize-the-hidden-value-within-your-devsecops-lifecycle-gitlab)
- [How UBS created their own DevOps platform using GitLab](#how-ubs-created-their-own-devops-platform-using-gitlab)
- [Iron Mountain | GitLab](#iron-mountain-gitlab)
- [Haven Technologies | GitLab](#haven-technologies-gitlab)
- [GitLab named a Leader in the Gartner® Magic Quadrant™ for DevOps Platforms | GitLab](#gitlab-named-a-leader-in-the-gartner-magic-quadrant-for-devops-platforms-gitlab)
- [Industry Analyst Research | GitLab](#industry-analyst-research-gitlab)
- [Platform Engineering | GitLab](#platform-engineering-gitlab)
- [Continuous Integration and Delivery | GitLab](#continuous-integration-and-delivery-gitlab)
- [Why GitLab Ultimate? | GitLab](#why-gitlab-ultimate-gitlab)
- [Topics](#topics)
- [Why GitLab Premium? | GitLab](#why-gitlab-premium-gitlab)
- [Case studies from GitLab customers | GitLab](#case-studies-from-gitlab-customers-gitlab)
- [Guide to the cloud - How to navigate the multi-cloud future
|
GitLab](#guide-to-the-cloud-how-to-navigate-the-multi-cloud-future-gitlab)
- [The Role of AI in DevOps](#the-role-of-ai-in-devops)
- [Pricing | GitLab](#pricing-gitlab)
- [Duncan Aviation | GitLab](#duncan-aviation-gitlab)
- [Shifting from on-prem to cloud](#shifting-from-on-prem-to-cloud)
- [HackerOne | GitLab](#hackerone-gitlab)
- [CI/CD: The ticket to multicloud](#ci-cd-the-ticket-to-multicloud)
- [Continuous Software Compliance | GitLab](#continuous-software-compliance-gitlab)
- [Curve | GitLab](#curve-gitlab)
- [Bendigo and Adelaide Bank | GitLab](#bendigo-and-adelaide-bank-gitlab)
- [What is GitOps?](#what-is-gitops-)
- [Cloud Native for Business | GitLab](#cloud-native-for-business-gitlab)
- [Developer Experience | GitLab](#developer-experience-gitlab)
- [GitLab Dedicated | GitLab](#gitlab-dedicated-gitlab)
- [GitLab Advanced SAST is now generally available](#gitlab-advanced-sast-is-now-generally-available)
- [Watch the Demo, see what GitLab can do for your team | GitLab](#watch-the-demo-see-what-gitlab-can-do-for-your-team-gitlab)
- [The Zebra | GitLab](#the-zebra-gitlab)
- [Siemens | GitLab](#siemens-gitlab)
- [FullSave | GitLab](#fullsave-gitlab)
- [CACI | GitLab](#caci-gitlab)
- [Why GitLab's collaboration technology is critical for GitOps: A demo](#why-gitlab-s-collaboration-technology-is-critical-for-gitops-a-demo)
- [Airbus | GitLab](#airbus-gitlab)
- [GitLab on Google Cloud | GitLab](#gitlab-on-google-cloud-gitlab)
- [Hemmersbach | GitLab](#hemmersbach-gitlab)
- [Hilti | GitLab](#hilti-gitlab)
- [How to use GitLab and Ansible to create infrastructure as code](#how-to-use-gitlab-and-ansible-to-create-infrastructure-as-code)
- [Explore projects · GitLab](#explore-projects-gitlab)
---
# Kubernetes GitOps Tooling Zone · GitLab

Kubernetes GitOps Tooling Zone
==============================
Deploy tools and infrastructure services on a Kubernetes cluster using GitOps methodology (via Flux)
Logo is mix of Kubernetes, Git logo and Toolbox by BAMBANG G from Noun Project (CC BY 3.0)
Read more
---
# Sign up · GitLab

GitLab.com
==========
If you are human, please ignore this field.
First name
Last name
Username
Username is already taken.
Username is available.
Checking username availability…
Email
We recommend a work email address.
Email address without top-level domain. Make sure that you have entered the correct email address.
Password
I agree that GitLab can contact me by email or telephone about its product, services, or events.
By clicking Continue or registering through a third party you accept the GitLab [Terms of Use and acknowledge the Privacy Statement and Cookie Policy](/-/users/terms)
.
Continue
Continue with:
 Google
 GitHub
 Bitbucket
Salesforce
Already have an account? [Sign in](/users/sign_in?redirect_to_referer=yes)
* * *
[Explore](/explore)
[Help](/help)
[About GitLab](https://about.gitlab.com)
[Community forum](https://forum.gitlab.com)
Cookie Preferences
---
# The most-comprehensive AI-powered DevSecOps platform | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Software. Faster.
=================
GitLab is the most comprehensive AI-powered DevSecOps Platform.
---------------------------------------------------------------
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial)
Software. Faster.
=================
GitLab is the most comprehensive AI-powered DevSecOps Platform.
---------------------------------------------------------------
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial)
[ \
\
Ship more secure software faster with AI throughout the entire software development lifecycle\
---------------------------------------------------------------------------------------------\
\
Discover GitLab Duo](/gitlab-duo)
[ \
\
GitLab named a Leader in the 2024 Gartner® Magic Quadrant™ for AI Code Assistants\
---------------------------------------------------------------------------------\
\
Read the report](/gartner-mq-ai-code-assistants/)
[ \
\
Industry leaders choose GitLab to build mission‑critical software\
-----------------------------------------------------------------\
\
Why GitLab?](/why-gitlab/)
[ \
\
See what your team could do with the AI-powered DevSecOps Platform.\
-------------------------------------------------------------------\
\
Talk to sales](/sales)
Get started today
=================
See what your team could do with the AI-powered DevSecOps Platform.
-------------------------------------------------------------------
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial)
[Talk to sales](/sales)

previous slide
next slide
### Balance speed and security in a single platform
Automate software delivery, boost productivity, and secure your end-to-end software supply chain.
[Discover the platform](/platform/)
What is GitLab?

##### Simplify your toolchain
All the [essential DevSecOps tools](/platform/)
in one place.
##### Accelerate software delivery
Automation, [AI-powered workflows](/gitlab-duo/)
, and more.
Try Code Suggestions
##### Integrate security
Security that’s [built in, not bolted on](/solutions/security-compliance/)
.
Try CI/CD
##### Deploy anywhere
Say goodbye to cloud [vendor lock-in](/topics/multicloud/)
.
##### See how [Lockheed Martin](/customers/lockheed-martin/)
saves time, money, and tech muscle with GitLab
##### 80x
faster CI pipeline builds
##### 90%
less time spent on system maintenance
[Read story](/customers/lockheed-martin/)
How much is your toolchain costing you?
[Try our ROI calculator](/calculator/)
New to GitLab and not sure where to start?
[Explore resources](/get-started/)
DevSecOps
---------
From planning to production, GitLab brings your team together
Development dev Security sec Operations ops
Development
Automated tasks improve efficiency and free up developers’ time — without sacrificing security.
* [Continuous integration and delivery](/features/continuous-integration/)
* [AI‑powered workflows with GitLab Duo](/gitlab-duo/)
* [Source code management](/solutions/source-code-management/)
* [Automated software delivery](/solutions/delivery-automation/)

Launch Code Suggestions demo
Security
Manage threat vectors and ensure adherence to compliance standards, without compromising speed.
* [Security and compliance](/solutions/security-compliance/)
* [Software supply chain security](/solutions/supply-chain/)
* [Integrated testing and remediation](/solutions/continuous-software-security-assurance/)
* [Vulnerability and dependency management](/solutions/compliance/)

Launch CI/CD demo
Operations
Automate software deployment and optimize processes, whatever your environment: cloud native, multi-cloud, or legacy.
* [GitOps and infrastructure as code](/solutions/gitops/)
* [Automated software delivery](/solutions/delivery-automation/)
* [Value stream management](/solutions/value-stream-management/)
* [Analytics and Insights](https://about.gitlab.com/solutions/analytics-and-insights/)

 iron mountain lockheed martin case study  haven technologies case study  ubs case study  singleron video
[Iron Mountain](customers/iron-mountain/)
drives DevOps evolution with GitLab Ultimate
##### $150k
approximate cost savings per year
##### 20 hours
saved in onboarding time per project
[Read More](/customers/iron-mountain/)
The vision that GitLab has in terms of tying strategy to scope and to code is very powerful. I appreciate the level of investment they are continuing to make in the platform."
Jason Monoharan
VP of Technology
Iron Mountain

[Lockheed Martin](/customers/lockheed-martin/)
saves time, money, and tech muscle with GitLab
##### 80x
faster CI pipeline builds
##### 90%
less time spent on system maintenance
[Read More](/customers/lockheed-martin/)
By switching to GitLab and automating deployment, teams have moved from monthly or weekly deliveries to daily or multiple daily deliveries."
Alan Hohn
Director of Software Strategy
Lockheed Martin

[Haven Technologies](/customers/haven-technologies/)
moved to Kubernetes with GitLab
##### 62%
of monthly users ran secret detection jobs
##### 66%
of monthly users ran secure scanner jobs
[Read More](/customers/haven-technologies/)
GitLab’s commitment to an open source community meant that we could engage directly with engineers to work through difficult technical problems."
Evan O’Connor
Platform Engineering Manager
Haven Technologies

[UBS](https://about.gitlab.com/blog/2021/08/04/ubs-gitlab-devops-platform/)
created their own DevOps platform using GitLab
##### 1 million
successful builds in first six months
##### 12,000
active GitLab users
[Read More](/blog/2021/08/04/ubs-gitlab-devops-platform/)
We have an expression at UBS, ‘all developers wait at the same speed,’ so anything we can do to reduce their waiting time is value added. And GitLab allows us to have that integrated experience."
Rick Carey
Group Chief Technology Officer
UBS

Singleron uses GitLab to collaborate on a single platform to improve patient care
Watch the video
GitLab allows us to collaborate very well with team members and between different teams. As a project manager, being able to track a project or the workload of a team member helps prevent a project from delays. When the project is done, we can easily automate a packaging process and send results back to the customer. And with GitLab, it all resides within one house."
Lakshmi Venkatraman
Project Manager
Singleron Biotechnologies

previous case study
* 0
* 1
* 2
* 3
* 4
next case study
GitLab is the leading DevSecOps platform
----------------------------------------
50%+
Fortune 100
40m+
Registered users

GitLab is a Leader in the 2024 Gartner® Magic Quadrant™ for DevOps Platforms
[Read now](/gartner-magic-quadrant/)

GitLab named a Leader in the 2024 Gartner® Magic Quadrant™ for AI Code Assistants
[Read the report](/gartner-mq-ai-code-assistants/)
GitLab ranks as a G2 Leader across DevSecOps categories

[What industry analysts are saying about GitLab](/analysts/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# GitLab named a Leader in the 2024 Gartner® Magic Quadrant™ for AI Code Assistants | GitLab

GitLab named a Leader in the 2024 Gartner® Magic Quadrant™ for AI Code Assistants
=================================================================================
* A Leader in the inaugural Gartner Magic Quadrant for AI Code Assistants
* A Leader for AI-powered capabilities across the SDLC
* A Leader for Transparent and Privacy-first AI
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
[View the report](#download-form)


##### GitLab is named a Leader in the 2024 Gartner® Magic Quadrant™ for
AI Code Assistants
GitLab’s code assistant, GitLab Duo empowers developers to focus on high-level problem-solving, innovation, and value creation, while GitLab Duo handles repetitive tasks and optimization behind the scenes, transforming the way teams build and ship software. It helps teams ship more secure software faster with AI throughout the entire software development lifecycle.
##### Access the report
Read the report for a complete picture of the AI Code Assistants market, vendors, and why GitLab is recognized as a Leader.
Gartner, Magic Quadrant for AI Code Assistants, Arun Batchu, Haritha Khandabattu, Philip Walsh, Matt Brasier, August 2024
Read more
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Platform | GitLab
[\
\
AI-driven DevSecOps.\
\
New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
The most comprehensive
AI-powered
DevSecOps Platform
================================
Deliver better software faster with one platform for your entire software delivery lifecycle.
[Get Free Trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com%2Fplatform/)
[Learn about pricing](/pricing/)

| [Planning](/solutions/visibility-measurement/) | [Source Code Management](/solutions/delivery-automation/) | [Continuous Integration](/solutions/delivery-automation/) | [Security](/solutions/security-compliance/) | [Compliance](/solutions/security-compliance/) | [Artifact Registry](/solutions/delivery-automation/) | [Continuous Delivery](/solutions/delivery-automation/) | [Observability](/solutions/visibility-measurement/) |
| --- | --- | --- | --- | --- | --- | --- | --- |
| [DevOps Reports](/solutions/visibility-measurement/#devops-reports)
[DORA Metrics](/solutions/value-stream-management/dora/)
[Value Stream Management](/solutions/value-stream-management/)
[Value Stream Forecasting](/solutions/visibility-measurement/#value-stream-forecasting)
[Service Desk](/solutions/visibility-measurement/#service-desk)
[Wiki](/solutions/visibility-measurement/#wiki)
[Portfolio Management](/solutions/visibility-measurement/#portfolio-management)
[Team Planning](/solutions/visibility-measurement/#team-planning)
[Generate issue description](/solutions/visibility-measurement/#generate-issue-description)
[Discussion Summary](/solutions/visibility-measurement/#discussion-summary)
[Design Management](/solutions/visibility-measurement/#team-planning) | [Remote Development](/solutions/delivery-automation/#remote-development)
[Source Code Management](/solutions/source-code-management/)
[Web IDE](/solutions/delivery-automation/#web-ide)
[GitLab CLI](/solutions/delivery-automation/#gitlab-cli)
[Code Review Workflow](/solutions/delivery-automation/#code-review-workflow)
[Code Suggestions](/solutions/delivery-automation/#code-suggestions)
[Code Explanation](/solutions/delivery-automation/#code-explanation)
[Code Review Summary](/solutions/delivery-automation/#code-review-summary)
[Test Generation](/solutions/delivery-automation/#test-generation)
[Code Refactorization](/solutions/source-code-management/#capabilities)
[GitLab Duo for the CLI](/solutions/source-code-management/#capabilities) | [Secrets Management](/solutions/delivery-automation/#secrets-management)
[Review Apps](/solutions/delivery-automation/#review-apps)
[Code Testing and Coverage](/solutions/delivery-automation/#code-testing-and-coverage)
[Merge Trains](/solutions/delivery-automation/#merge-trains)
[Suggested Reviewers](/solutions/delivery-automation/#suggested-reviewers)
[Merge Request Summary](/solutions/delivery-automation/#merge-requests)
[Root Cause Analysis](/solutions/delivery-automation/#root-cause-analysis)
[Discussion Summary](/solutions/delivery-automation/#discussion-summary)
[Merge Commit Message Generation](/solutions/delivery-automation/#merge-requests)
[Pipeline Composition and Component Catalog](/solutions/delivery-automation/#cicd-components) | [Container Scanning](/solutions/security-compliance/#container-scanning)
[Software Composition Analysis](/solutions/security-compliance/#software-composition-analysis)
[API Security](/solutions/security-compliance/#api-security)
[Coverage-guided Fuzz Testing](/solutions/security-compliance/#fuzz-testing)
[DAST](/solutions/security-compliance/#dast)
[Code Quality](/solutions/security-compliance/#code-quality)
[Secret Detection](/solutions/security-compliance/#secret-detection)
[SAST](/solutions/security-compliance/#sast)
[Vulnerability Explanation](/solutions/security-compliance/#vulnerability-explanation)
[Vulnerability Resolution](/solutions/security-compliance/#vulnerability-resolution)
[GitLab Advisory Database](/solutions/security-compliance/#gitlab-advisory-database) | [Release Evidence](/solutions/security-compliance/#release-evidence)
[Compliance Management](/solutions/security-compliance/#compliance-management)
[Audit Events](/solutions/security-compliance/#audit-events)
[Software Bill of Materials](/solutions/security-compliance/#software-bill-of-materials)
[Dependency Management](/solutions/security-compliance/#dependency-management)
[Vulnerability Management](/solutions/security-compliance/#vulnerability-management)
[Security Policy Management](/solutions/security-compliance/#security-policy-management) | [Virtual Registry](/solutions/delivery-automation/#virtual-registry)
[Container Registry](/solutions/delivery-automation/#container-registry)
[Helm Chart Registry](/solutions/delivery-automation/#helm-chart-registry)
[Package Registry](/solutions/delivery-automation/#package-registry)
[Model Registry (Beta)](/solutions/delivery-automation/#model-registry)
[Dependency Proxy](/solutions/delivery-automation/#package-registry) | [Release Orchestration](/solutions/delivery-automation/#release-orchestration)
[Infrastructure as Code](/solutions/delivery-automation/#infrastructure-as-code)
[Pages](/solutions/visibility-measurement/#pages)
[Feature Flags](/solutions/delivery-automation/#feature-flags)
[Environment Management](/solutions/delivery-automation/#environment-management)
[Deployment Management](/solutions/delivery-automation/#deployment-management)
[Auto DevOps](/solutions/delivery-automation/) | [On-call Schedule Management](/solutions/visibility-measurement/#oncall-schedule-management)
[Incident Management](/solutions/visibility-measurement/#incident-management)
[Error Tracking](/solutions/visibility-measurement/#error-tracking)
[Product Analytics Visualization](/solutions/visibility-measurement/#product-analytics-visualization)
[AI Product Analytics](/solutions/visibility-measurement/#ai-product-analytics)
[AI Impact Dashboard](/solutions/visibility-measurement/#ai-product-analytics)
[Metrics](/solutions/visibility-measurement/#metrics)
[Distributed Tracing](/solutions/visibility-measurement/#distributed-tracing)
[Logs](/solutions/visibility-measurement/#logs) |
| Replacement for
Jira | Replacement for
GitHub | Replacement for
Jenkins | Replacement for
Snyk | | Replacement for
JFrog | Replacement for
Harness | Replacement for
Sentry |
One platform
to empower Dev, Sec, and Ops teams
----------------------------------------------------
DevelopmentSecurityOperations
AI-powered workflow
Boost efficiency and reduce cycle times of every user with the help of AI in every phase of the software development lifecycle - from planning and code creation to testing, security, and monitoring.
* [GitLab Duo](/gitlab-duo/)
See it in action:
* GitLab Duo
* Code Suggestions
* Chat
Single application
GitLab brings all DevSecOps capabilities into one application with a unified data store so everything is all in one place.
* GitLab's use of DORA metrics video
* GitLab's Value Streams Dashboard video
Enhanced developer productivity
GitLab's single application delivers a superior user experience, which improves cycle time and helps prevent context switching.
* GitLab's Portfolio Management video
* GitLab's OKR Management video
* Design Uploads to GitLab issues video
Better automation
GitLab's automation tools are more reliable and feature rich, helping remove cognitive load and unnecessary grunt work.
* GitLab's CD Overview video
* [Error tracking documentation](https://docs.gitlab.com/ee/operations/error_tracking.html)
* [Incident management documentation](https://docs.gitlab.com/ee/operations/incident_management/)
Security is built in, not bolted on
GitLab's security capabilities - such as DAST, fuzz testing, container scanning, and API screening - are integrated end-to-end.
* Dynamic Application Security Testing (DAST) video
* Container scanning video
* API security and web API Fuzzing video
Compliance and precise policy management
GitLab offers a comprehensive governance solution allowing for separation of duties between teams. GitLab's policy editor allows customized approval rules tailored to each organization's compliance requirements, reducing risk.
* [Compliance Management documentation](/solutions/security-compliance/#compliance-management)
* GitLab's Compliance Frameworks video
* GitLab's Requirements Management video
Security automation
GitLab's advanced automation tools enable velocity with guardrails, ensuring code is automatically scanned for vulnerabilities.
* GitLab's Security Dashboard video
Scale Enterprise workloads
GitLab easily supports the Enterprise at any scale with the ability to manage and upgrade with nearly zero downtime.
* [Infrastructure as code (IaC) documentation](https://docs.gitlab.com/ee/user/infrastructure/iac/)
* [Incident management documentation](https://docs.gitlab.com/ee/operations/incident_management/)
Unparalleled metrics visibility
* GitLab's use of DORA metrics video
* GitLab's Value Streams Dashboard video
Cloud-native, multi-cloud and legacy support
GitLab provides a complete DevSecOps platform that allows teams to have the same productivity metrics and governance, regardless of your infrastructure mix.
* [Multicloud documentation](/topics/multicloud/)
* [GitOps documentation](/solutions/gitops/)
Lower Total Cost of Ownership
* Learn how the world's largest defence contractor uses GitLab to shrink toolchains, speed production, and improve security: [Lockheed Martin case study](/customers/lockheed-martin/)
* Learn how CARFAX trimmed their DevSecOps toolchain and improved security with GitLab: [CARFAX case study](/customers/carfax/)
Harness the power of AI with GitLab Duo
[Learn more](/gitlab-duo/)


"The vision that GitLab has in terms of tying strategy to scope and to code is very powerful. I appreciate the level of investment they are continuing to make in the platform."
$150k
approximate cost savings per year
20 hours
saved in onboarding time per project

Jason Monoharan
VP of Technology, Iron Mountain
[Read the study](/customers/iron-mountain/)
$150k
approximate cost savings per year
20 hours
saved in onboarding time per project
Want to increase velocity? Consolidate your toolchain today.
------------------------------------------------------------
* Improve collaboration
* Reduce admin burden
* Increase security
* Lower total cost of ownership
* Scale seamlessly
**Don't know where to start?** Our sales team can help guide you.
[Talk to sales](/sales/)
 Learn more
Industry leaders trust GitLab
-----------------------------
GitLab ranks as a G2 Leader across DevOps categories.


GitLab is a Leader in the 2024 Gartner® Magic Quadrant™ for DevOps Platforms
[Read the report](/gartner-magic-quadrant/)

GitLab is the only Leader in The Forrester Wave™: Integrated Software Delivery Platforms, Q2 2023
[Read the report](https://page.gitlab.com/forrester-wave-integrated-software-delivery-platforms-2023/)
Find out which pricing plan works best for your growing team
------------------------------------------------------------
[Why GitLab Premium?](/pricing/premium/)
[Why GitLab Ultimate?](/pricing/ultimate/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/)
[Talk to sales](/sales/)
---
# Collaborate and accelerate in one place | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Source code management
Collaborate and accelerate in one place
---------------------------------------
Ship value fast with secure, scalable, and efficient source code management workflows.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Contact sales](/sales/)


Source code management meets DevSecOps
------------------------------------------
With GitLab’s git-based repository, you can help your developers work together better — and get products to market more efficiently.
### Get developers up and running fast
Boost productivity with secure, easy-to-create remote development environments.
[Learn More](https://docs.gitlab.com/ee/user/project/remote_development/)
### Institute reliable, scalable governance
Meet security and compliance standards for all your projects with built-in guardrails for code quality and security.
[Learn more](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/)
### Enjoy deployment flexibility
Choose from on-premises, multi-tenant SaaS, or GitLab Dedicated, our fully managed single-tenant SaaS solution.
[Learn more](/dedicated/)
### Power it all with AI
Streamline workflows and improve your security standing with AI-assisted code explanations, suggested reviewers, and automated test generation.
[Learn more](/gitlab-duo/#features)
Unlock operational efficiency
=============================
Accelerate time-to-value by integrating all phases of the DevSecOps lifecycle into a single platform with a unified data store.
[Explore our Platform](/platform/)

**Git-based repository:** Allow developers to work from a local copy, resulting in rapid branching and code development.
**Branching capabilities:** Efficient branching and merging capabilities allow developers to work concurrently on a project without interference, significantly reducing the time from idea to ship.
**DORA metrics:** Boost speed across the DevOps lifecycle and empower developers to focus on high-impact work.
**Value stream management:** Visualize your end-to-end DevSecOps workstream, identify and target inefficiencies, and take action to deliver the highest possible value.
Strengthen security
===================
Establish a foundation of a secure source code management to protect your code and user data.
[Learn about Security & Compliance](/solutions/security-compliance/)

**Merge requests:** Track, review, and approve code changes, and set required merge request approvals to have more control over who can push and merge code.
**Access controls and security guardrails:** Tailor permission levels to be granular or chained together — all easily managed via the UI or as code.
**Compliance pipelines:** Ensure that important policies are enforced, whether it’s standard regulatory controls or your own policy framework.
**Audit events:** Visualize a comprehensive history of audited events for even the most relevant and sensitive types of actions.
**Secret detection:** Keep secrets from getting leaked with support for pre-receive secret detection and built-in post-commit secret scanning.\*\*
Improve developer experience
============================
Make it simple for teams and stakeholders to communicate, contribute, and work efficiently together.
[Learn about Developer Experience](/developer-experience/)

**Code review workflow:** Automate, track and report code reviews, and identify workflow improvements with code review analytics.
**Web IDE:** Contribute easily right from your browser with everything you need using a full featured Integrated Development Environment (IDE).
**Merge trains:** Keep your main branch green and developers collaborating effectively.
**Remote development workflows:** Create consistent, on-demand environments that are pre-configured with the latest stable libraries and dependencies for easier onboarding, project kickstarting, contributing, and security.
Get an AI assist
================
From improving security to making processes more seamless, AI makes an impact across the software development lifecycle.
[Learn about GitLab Duo](/gitlab-duo/)

**Code suggestions:** Help developers write secure code more efficiently and accelerate cycle times by taking care of repetitive, routine coding tasks.
**Code explanation:** Help developers understand code by explaining it more clearly in natural language.
**Review summary:** Get a succinct summary of all comments and suggestions in both project issues and code reviews.
**Test generation:** Catch bugs early by automatically generating tests for the selected code.

"We turned to GitLab to allow us to rethink, and disrupt, the way we develop and build software swiftly, without compromising security. It’s how we enable our agile software development business."
Glenn Kurowski Senior Vice President and CTO, CACI
[View case study](/customers/caci/)
Which tier is right for you? [View plans](/pricing)
Free
----
### Use GitLab for personal projects
$ 0
per user/month, no credit card required [Get started](/pricing)
Premium
-------
### For scaling organizations and multi-team usage
$ 29
per user/month billed annually [Why Premium?](/pricing/premium/)
Ultimate
--------
### For enterprises looking to deliver software faster
For when your mission-critical software requires organization-wide security, compliance, and planning. [Why Ultimate?](/pricing/ultimate/)
Resources
---------
Get the latest source code management insights right here
[More SCM resources](/resources?topic=Version%20Control%20%26%20Collaboration)
[### European tech company Cube drives secure software with AI in GitLab Duo](/customers/cube/)
[### GitLab advances open science education at Te Herenga Waka – Victoria University of Wellington](/customers/victoria_university/)
[### How to implement version control with GitLab](/topics/version-control/how-implement-version-control/)
Ship better software. Faster
----------------------------
Accelerate, collaborate, and secure your code with GitLab
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Return on Investment Calculator | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
How much is your toolchain costing you?
=======================================
Save money Save time
* 1
Your people
* 2
Current spend
* 3
Your savings
How many people are using and maintaining your tool chain?
----------------------------------------------------------
Number of users
Number of DevSecOps tools maintainers
Continue to next step
Approximately, what is your spend per year (in USD) on these capabilities?
--------------------------------------------------------------------------
Source Code Management
$
Agile Project Management
$
Continuous Integration
$
Agile Portfolio Management
$
Continuous Delivery
$
Application Security
$
Registries
$
See your savings
* 1
Your people
* 2
Current time
* 3
Time savings
How many people are using and maintaining your tool chain?
----------------------------------------------------------
Number of users
Number of DevSecOps tools maintainers
Continue to next step
How many days does it take for an application update (code commit) to make it to production?
Days to production
How many hours per week do your developers spend configuring/integrating different tools in your DevOps toolchain?
Hours per week
How many hours per week do your developers spend on fixing security vulnerabilities before production?
Hours per week
See your savings
Today you spend
### 0 hours per project
By switching to
GitLab Ultimate
Save
0 hours
Increase efficiency by
NaN %
[Learn about Ultimate](/pricing/ultimate/)
[Contact Sales](/sales/)
By switching to
GitLab Premium
Save
0 hours
Increase efficiency by
NaN %
[Learn about Premium](/pricing/premium/)
Results are based on similar sized organizations reported savings. The results are purely an estimate and subject to change based on various factors that went into the calculation.
### Contact us for a closer look at your savings
All fields are required

### See how HackerOne achieves 5x faster deployments by switching to GitLab's integrated security
[Read customer case study](/customers/hackerone/)
[### Learn more about GitLab pricing plans\
\
Go to pricing page](/pricing/)
[### Purchase GitLab through Cloud Marketplaces\
\
Contact sales](/sales/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# What is Multicloud?
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Topics](/topics/)
Multicloud
What is Multicloud?
===================
* * *
Harnesses the power of cloud-agnostic DevOps and workflow portability.
[Download the ebook](/resources/guide-to-the-cloud/)
The need for multicloud
-----------------------
[](#the-need-for-multicloud)
Building better products with speed and consistency requires using reliable cloud solutions to rapidly scale to meet sudden demand. When businesses rely on a single vendor for cloud computing, they risk experiencing downtime and data loss if the cloud services provider is unable to meet a sudden uptick in demand. Customers expect dependable applications and few outages, making the reliance on a single cloud a risky decision for organizations looking to meet both business and market demand.
Outages can happen, but organizations must find ways to minimize the occurrence or they risk losing customers. A multicloud approach decreases the risk of data loss and downtime by spreading computing across multiple cloud solutions, such as Google Cloud Platform, Microsoft Azure, and Amazon Web Services.
[Download the Guide to the cloud: How to navigate the multi-cloud eBook →](/resources/guide-to-the-cloud/)
What is a multicloud strategy?
------------------------------
[](#what-is-a-multicloud-strategy)
In cloud computing, a multicloud strategy is the use of at least two cloud computing services from different cloud vendors in a single network architecture. A multicloud deployment enables teams to select the best providers for every technical and business need. A multicloud environment increases the available storage, computing power, and cost savings. Organizations can choose between multiple deployments of the same type of cloud (public or private) to leverage the best cloud solutions.
Private clouds are dedicated to one organization, so specific provisions can be made to ensure security and compliance. Private clouds can either be sold as a Platform-as-a-Service (PaaS) or offered as Infrastructure-as-a-Service (IaaS). A public cloud offers cloud solutions to multiple customers who share the cloud environment. Because they are automatically provisioned, they are considered less secure and not an option to store sensitive and confidential data.
[Learn how CI/CD is important in a multicloud strategy →](/blog/2020/01/17/ci-cd-the-ticket-to-multicloud/)

Multicloud maturity
-------------------
[](#multicloud-maturity)
Approximately 85% of organizations use multicloud environments, but not every organization is at the same level of maturity. As teams work through the multicloud maturity model, they increase portability by insulating cloud services from underlying infrastructure, such as processors, operating systems, and virtualization software, through layers of abstraction.
### Mono-cloud[](#monocloud)
All applications are in one cloud. With this strategy, a company goes “all-in” with one cloud provider for the ease of use, or because the services offered meet current business needs. The organization is locked in with a single vendor.
### No portability[](#no-portability)
There may be separate teams within the same organization, and each is working out of different cloud providers, but each team is working in its own mono-cloud environment. This structure uses multiple clouds but is not technically multicloud.
### Workflow portability[](#workflow-portability)
Workflow portability is what makes deploying anywhere possible. Instead of having to tailor certain workflows to certain clouds, developers can have one workflow with cloud-independent DevOps processes and frameworks for making deployment decisions.
### Application portability[](#application-portability)
In this scenario, applications can run on any cloud, and cloud-specific services are abstracted. Application portability is hard to attain, because it requires engineering interfaces as abstractions. It also leaves organizations using only the features that are common to all clouds, so they miss out on any specialty capabilities that could improve their processes.
### Disaster Recovery Portability[](#disaster-recovery-portability)
In this scenario, applications can fail over to another cloud with limited downtime. If a cloud provider’s data center should go down, organizations have the ability to switch to another provider.
### Workload portability[](#workload-portability)
The goal of workload portability is for organizations to shift application workloads between multiple clouds dynamically (e.g. autoscaling servers for background jobs). Workload portability makes it possible to migrate elements of a business service to the appropriate infrastructure so that it can service the needs of the user.
### Data portability[](#data-portability)
Data portability is a feature that lets users take their data from a service and transfer or “port” it elsewhere, typically through an API.
[Discover the challenges of shifting from on-prem to cloud →](/blog/2020/01/09/shifting-from-on-prem-to-cloud/)
Benefits of using multiple clouds
---------------------------------
[](#benefits-of-using-multiple-clouds)
Continuous integration is all about efficiency and is built around these core elements to make it effective.
### Greater flexibility[](#greater-flexibility)
Each cloud vendor shines in some areas and is weak in others. The ability to work with multiple vendors lets organizations use the right tool for the job.
### Workflow portability[](#workflow-portability)
Have a consistent workflow, regardless of where projects are deployed.
### Increased resilience[](#increased-resilience)
Architecting failover between multiple cloud providers lets you stay up even if one of your vendors is down.
### Improved cloud negotiations[](#improved-cloud-negotiations)
If another cloud vendor offers better terms or significant credits, businesses have better leverage because their DevOps processes are not tied to vendor-specific services.
On this page
[The need for multicloud](#the-need-for-multicloud)
[What is a multicloud strategy?](#what-is-a-multicloud-strategy)
[Multicloud maturity](#multicloud-maturity)
[Benefits of using multiple clouds](#benefits-of-using-multiple-clouds)
More on this topic
[Learn how GitLab enables cloud native applications](/solutions/cloud-native/)
[Learn how GitLab and GCP work together](/partners/technology-partners/google-cloud-platform/)
[Learn how GitLab and AWS work together](/partners/technology-partners/aws/)
Next steps
----------
[View all resources](/resources/)
* * *
[Webcast\
\
 \
\
### Watch how Ask Media Group modernized their architecture and development with microservices, containers, and Kubernetes\
\
Watch now](/webcast/cloud-native-transformation/)
[Webcast\
\
 \
\
### Hear how Delta Became Truly Cloud Native - Avoiding the Vendor-Lock\
\
Watch now](https://www.youtube.com/watch?v=zV_hFcxoN8I&list=PLFGfElNsQthaaqEAb6ceZvYnZgzSM50Kg&index=3&t=0s)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Explore projects · GitLab
Explore projects
================
* [Most starred](/explore/projects/starred)
* [Trending](/explore/projects/trending)
* [Active](/explore/projects)
* [Inactive](/explore/projects?archived=only)
* [All](/explore/projects?archived=true)
* [View KiCad Packages3D project ](/kicad/libraries/kicad-packages3D)
[KiCad / KiCad Libraries / KiCad Packages3D](/kicad/libraries/kicad-packages3D "KiCad Packages3D")
---------------------------------------------------------------------------------------------------
Official KiCad 3D model libraries for rendering and MCAD integration
[104](/kicad/libraries/kicad-packages3D/-/starrers "Stars")
Updated Mar 29, 2025
[104](/kicad/libraries/kicad-packages3D/-/starrers "Stars")
[369](/kicad/libraries/kicad-packages3D/-/forks "Forks")
[78](/kicad/libraries/kicad-packages3D/-/merge_requests "Merge requests")
[18](/kicad/libraries/kicad-packages3D/-/issues "Issues")
Updated Mar 29, 2025
* [View Tiki project ](/usbbush/tiki)
[ushindi bienvenu / Tiki](/usbbush/tiki "Tiki")
------------------------------------------------
Tiki is the Free/Libre/Open Source Web Application with the most built-in features, and a no-code/low-code web application framework for when a standard CMS isn't enough.
This is Tiki's public Git repository, for receiving merge requests. When unsure which branch to use see [https://dev.tiki.org/Where-To-Commit](https://dev.tiki.org/Where-To-Commit)
[0](/usbbush/tiki/-/starrers "Stars")
Updated Mar 29, 2025
[0](/usbbush/tiki/-/starrers "Stars")
[0](/usbbush/tiki/-/forks "Forks")
[0](/usbbush/tiki/-/merge_requests "Merge requests")
Updated Mar 29, 2025
* [View bulletin\_system project\
\
B](/rchang.rc/bulletin_system)
[RayChang / bulletin\_system](/rchang.rc/bulletin_system "bulletin_system")
----------------------------------------------------------------------------
[0](/rchang.rc/bulletin_system/-/starrers "Stars")
Updated Mar 29, 2025
[0](/rchang.rc/bulletin_system/-/starrers "Stars")
[0](/rchang.rc/bulletin_system/-/forks "Forks")
[0](/rchang.rc/bulletin_system/-/merge_requests "Merge requests")
[1](/rchang.rc/bulletin_system/-/issues "Issues")
Updated Mar 29, 2025
* [View ReportingSystemFrontend project\
\
R](/LibreFoodPantry/client-solutions/bear-necessities-market/reportingsystem/reportingsystemfrontend)
[LibreFoodPantry / Client Solutions / Bear Necessities Market / ReportingSystem / ReportingSystemFrontend](/LibreFoodPantry/client-solutions/bear-necessities-market/reportingsystem/reportingsystemfrontend "ReportingSystemFrontend")
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
[0](/LibreFoodPantry/client-solutions/bear-necessities-market/reportingsystem/reportingsystemfrontend/-/starrers "Stars")
Updated Mar 29, 2025
[0](/LibreFoodPantry/client-solutions/bear-necessities-market/reportingsystem/reportingsystemfrontend/-/starrers "Stars")
[0](/LibreFoodPantry/client-solutions/bear-necessities-market/reportingsystem/reportingsystemfrontend/-/forks "Forks")
[2](/LibreFoodPantry/client-solutions/bear-necessities-market/reportingsystem/reportingsystemfrontend/-/merge_requests "Merge requests")
[3](/LibreFoodPantry/client-solutions/bear-necessities-market/reportingsystem/reportingsystemfrontend/-/issues "Issues")
Updated Mar 29, 2025
* [View SPT-LiveFleaPriceDB project\
\
S](/GuRua/spt-livefleapricedb)
[Yun Hu / SPT-LiveFleaPriceDB](/GuRua/spt-livefleapricedb "SPT-LiveFleaPriceDB")
---------------------------------------------------------------------------------
[0](/GuRua/spt-livefleapricedb/-/starrers "Stars")
Updated Mar 29, 2025
[0](/GuRua/spt-livefleapricedb/-/starrers "Stars")
[0](/GuRua/spt-livefleapricedb/-/forks "Forks")
[0](/GuRua/spt-livefleapricedb/-/merge_requests "Merge requests")
[0](/GuRua/spt-livefleapricedb/-/issues "Issues")
Updated Mar 29, 2025
* [View wireshark project ](/ark-g/wireshark)
[Arkady Gilinsky / wireshark](/ark-g/wireshark "wireshark")
------------------------------------------------------------
Wireshark's official Git repository.
[1](/ark-g/wireshark/-/starrers "Stars")
Updated Mar 29, 2025
[1](/ark-g/wireshark/-/starrers "Stars")
[0](/ark-g/wireshark/-/forks "Forks")
[0](/ark-g/wireshark/-/merge_requests "Merge requests")
[0](/ark-g/wireshark/-/issues "Issues")
Updated Mar 29, 2025
* [View veloren project ](/Ted_Hudson/veloren)
[Ted Hudson / veloren](/Ted_Hudson/veloren "veloren")
------------------------------------------------------
Veloren is a multiplayer voxel RPG written in Rust. It is inspired by games such as Cube World, Legend of Zelda: Breath of the Wild, Dwarf Fortress and Minecraft.
[0](/Ted_Hudson/veloren/-/starrers "Stars")
Updated Mar 29, 2025
[0](/Ted_Hudson/veloren/-/starrers "Stars")
[0](/Ted_Hudson/veloren/-/forks "Forks")
[0](/Ted_Hudson/veloren/-/merge_requests "Merge requests")
[0](/Ted_Hudson/veloren/-/issues "Issues")
Updated Mar 29, 2025
* [View Proyecto\_prueba project\
\
P](/jesusspeed/proyecto_prueba)
[Jesus Alberto Mendez Bonilla / Proyecto\_prueba](/jesusspeed/proyecto_prueba "Proyecto_prueba")
-------------------------------------------------------------------------------------------------
[0](/jesusspeed/proyecto_prueba/-/starrers "Stars")
Updated Mar 29, 2025
[0](/jesusspeed/proyecto_prueba/-/starrers "Stars")
[0](/jesusspeed/proyecto_prueba/-/forks "Forks")
[0](/jesusspeed/proyecto_prueba/-/merge_requests "Merge requests")
[0](/jesusspeed/proyecto_prueba/-/issues "Issues")
Updated Mar 29, 2025
* [View fmt project\
\
F](/utk-robotics/mirrors/fmt)
[UTK Robotics / 3rd Party Project Mirrors / fmt](/utk-robotics/mirrors/fmt "fmt")
----------------------------------------------------------------------------------
[0](/utk-robotics/mirrors/fmt/-/starrers "Stars")
Updated Mar 29, 2025
[0](/utk-robotics/mirrors/fmt/-/starrers "Stars")
[2](/utk-robotics/mirrors/fmt/-/forks "Forks")
[0](/utk-robotics/mirrors/fmt/-/merge_requests "Merge requests")
[0](/utk-robotics/mirrors/fmt/-/issues "Issues")
Updated Mar 29, 2025
* [View Sprout-Backend project\
\
S](/sprout-found/sprout-backend)
[Sprout-Found / Sprout-Backend](/sprout-found/sprout-backend "Sprout-Backend")
-------------------------------------------------------------------------------
[0](/sprout-found/sprout-backend/-/starrers "Stars")
Updated Mar 29, 2025
[0](/sprout-found/sprout-backend/-/starrers "Stars")
[0](/sprout-found/sprout-backend/-/forks "Forks")
[1](/sprout-found/sprout-backend/-/merge_requests "Merge requests")
[0](/sprout-found/sprout-backend/-/issues "Issues")
Updated Mar 29, 2025
* [View fzf-lua project\
\
F](/ibhagwan/fzf-lua)
[iAm Bhagwan / fzf-lua](/ibhagwan/fzf-lua "fzf-lua")
-----------------------------------------------------
Official mirror of [https://github.com/ibhagwan/fzf-lua](https://github.com/ibhagwan/fzf-lua)
[Lua](/explore/projects/topics/lua)
[neovim](/explore/projects/topics/neovim)
[fzf](/explore/projects/topics/fzf)
\+ 2 more
[15](/ibhagwan/fzf-lua/-/starrers "Stars")
Updated Mar 29, 2025
[15](/ibhagwan/fzf-lua/-/starrers "Stars")
[0](/ibhagwan/fzf-lua/-/forks "Forks")
[0](/ibhagwan/fzf-lua/-/merge_requests "Merge requests")
[0](/ibhagwan/fzf-lua/-/issues "Issues")
Updated Mar 29, 2025
* [View KiCad Footprints project ](/johnbeard/kicad-footprints)
[John Beard / KiCad Footprints](/johnbeard/kicad-footprints "KiCad Footprints")
--------------------------------------------------------------------------------
Official KiCad Footprint Libraries for KiCad
[0](/johnbeard/kicad-footprints/-/starrers "Stars")
Updated Mar 29, 2025
[0](/johnbeard/kicad-footprints/-/starrers "Stars")
[1](/johnbeard/kicad-footprints/-/forks "Forks")
[6](/johnbeard/kicad-footprints/-/merge_requests "Merge requests")
[0](/johnbeard/kicad-footprints/-/issues "Issues")
Updated Mar 29, 2025
* [View NSwag project\
\
N](/gitlab-org/security-products/dependencies/nswag)
[GitLab.org / security-products / dependencies / NSwag](/gitlab-org/security-products/dependencies/nswag "NSwag")
------------------------------------------------------------------------------------------------------------------
GitLab-internal fork of the NSwag project [https://github.com/RicoSuter/NSwag](https://github.com/RicoSuter/NSwag)
[0](/gitlab-org/security-products/dependencies/nswag/-/starrers "Stars")
Updated Mar 29, 2025
[0](/gitlab-org/security-products/dependencies/nswag/-/starrers "Stars")
[0](/gitlab-org/security-products/dependencies/nswag/-/forks "Forks")
[0](/gitlab-org/security-products/dependencies/nswag/-/merge_requests "Merge requests")
Updated Mar 29, 2025
* [View BIopass project\
\
B](/divyg050/Biopass)
[Divy Goswami / BIopass](/divyg050/Biopass "BIopass")
------------------------------------------------------
[0](/divyg050/Biopass/-/starrers "Stars")
Updated Mar 29, 2025
[0](/divyg050/Biopass/-/starrers "Stars")
[0](/divyg050/Biopass/-/forks "Forks")
[0](/divyg050/Biopass/-/merge_requests "Merge requests")
[0](/divyg050/Biopass/-/issues "Issues")
Updated Mar 29, 2025
* [View hacbs-test-project-integration project\
\
H](/konflux-qe/hacbs-test-project-integration)
[KONFLUX QE / hacbs-test-project-integration](/konflux-qe/hacbs-test-project-integration "hacbs-test-project-integration")
---------------------------------------------------------------------------------------------------------------------------
a sample project used by the e2e-tests to report the Integration tests statuses to the Pull requests
[0](/konflux-qe/hacbs-test-project-integration/-/starrers "Stars")
Updated Mar 29, 2025
[0](/konflux-qe/hacbs-test-project-integration/-/starrers "Stars")
[7](/konflux-qe/hacbs-test-project-integration/-/forks "Forks")
[25](/konflux-qe/hacbs-test-project-integration/-/merge_requests "Merge requests")
[0](/konflux-qe/hacbs-test-project-integration/-/issues "Issues")
Updated Mar 29, 2025
* [View appimoautologs project\
\
A](/danhab05/appimoautologs)
[Dan habib / appimoautologs](/danhab05/appimoautologs "appimoautologs")
------------------------------------------------------------------------
[0](/danhab05/appimoautologs/-/starrers "Stars")
Updated Mar 29, 2025
[0](/danhab05/appimoautologs/-/starrers "Stars")
[0](/danhab05/appimoautologs/-/forks "Forks")
[1](/danhab05/appimoautologs/-/merge_requests "Merge requests")
[0](/danhab05/appimoautologs/-/issues "Issues")
Updated Mar 29, 2025
* [View Wireshark project ](/rangolit/wireshark)
[John Doe / Wireshark](/rangolit/wireshark "Wireshark")
--------------------------------------------------------
Wireshark's official code repository. You can keep the releases coming by donating at [https://wiresharkfoundation.org/donate/](https://wiresharkfoundation.org/donate/)
.
[0](/rangolit/wireshark/-/starrers "Stars")
Updated Mar 29, 2025
[0](/rangolit/wireshark/-/starrers "Stars")
[0](/rangolit/wireshark/-/forks "Forks")
[0](/rangolit/wireshark/-/merge_requests "Merge requests")
[0](/rangolit/wireshark/-/issues "Issues")
Updated Mar 29, 2025
* [View KiCad Footprint and 3D model Generator project ](/kicad/libraries/kicad-footprint-generator)
[KiCad / KiCad Libraries / KiCad Footprint and 3D model Generator](/kicad/libraries/kicad-footprint-generator "KiCad Footprint and 3D model Generator")
--------------------------------------------------------------------------------------------------------------------------------------------------------
creating kicad footprints using python scripts
[60](/kicad/libraries/kicad-footprint-generator/-/starrers "Stars")
Updated Mar 29, 2025
[60](/kicad/libraries/kicad-footprint-generator/-/starrers "Stars")
[249](/kicad/libraries/kicad-footprint-generator/-/forks "Forks")
[132](/kicad/libraries/kicad-footprint-generator/-/merge_requests "Merge requests")
[61](/kicad/libraries/kicad-footprint-generator/-/issues "Issues")
Updated Mar 29, 2025
* [View Palestra project ](/1Lg20/Palestra)
[Lg 20 / Palestra](/1Lg20/Palestra "Palestra")
-----------------------------------------------
Progetto finale di Informatica A.S. 2024/25 ITIS Rivoira Classe 5L
[0](/1Lg20/Palestra/-/starrers "Stars")
Updated Mar 29, 2025
[0](/1Lg20/Palestra/-/starrers "Stars")
[0](/1Lg20/Palestra/-/forks "Forks")
[0](/1Lg20/Palestra/-/merge_requests "Merge requests")
[0](/1Lg20/Palestra/-/issues "Issues")
Updated Mar 29, 2025
* [View Traefik Dynamic Blocklist project ](/opencontent/traefik-dynamic-blocklist)
[Opencontent / Traefik Dynamic Blocklist](/opencontent/traefik-dynamic-blocklist "Traefik Dynamic Blocklist")
--------------------------------------------------------------------------------------------------------------
[0](/opencontent/traefik-dynamic-blocklist/-/starrers "Stars")
Updated Mar 29, 2025
[0](/opencontent/traefik-dynamic-blocklist/-/starrers "Stars")
[0](/opencontent/traefik-dynamic-blocklist/-/forks "Forks")
Updated Mar 29, 2025
* Prev
* [Next](/explore/projects?non_archived=true&page=2&sort=latest_activity_desc)
---
# Lockheed Martin | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Lockheed Martin
 + 
Lockheed Martin saves time, money, and tech muscle with GitLab
==============================================================
Easy adoption experience
Simplified toolchains
Streamlined software sharing

Industry Defense and Aerospace Manufacturing
Employees 114,000
Location Bethesda, Maryland, U.S.
Solution
[GitLab Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
80x faster CI pipeline builds
* * *
1,000s of Jenkins servers retired
* * *
90% less time spent on system maintenance
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
[Lockheed Martin Corp.](https://www.lockheedmartin.com/)
, an American aerospace, defense, information security, and technology giant, has adopted GitLab’s single, end-to-end DevSecOps platform to more efficiently, securely, and quickly develop and deploy software for thousands of their programs, ranging from satellite platforms and aerospace systems to ground control software and maritime surface and subsurface software.
By switching to GitLab and automating deployment, teams have moved from monthly or weekly deliveries to daily or multiple daily deliveries."
\- Alan Hohn, Director of Software Strategy, Lockheed Martin
### Achieving mission needs with speed and flexibility
Based in Bethesda, Maryland, Lockheed Martin has approximately 116,000 employees worldwide, with more than 370 facilities. The company is principally engaged in the research, design, development, manufacture, integration, and sustainment of advanced technology systems, products, and services. The majority of the company's business is with the U.S. Department of Defense and U.S. federal government agencies. In the aeronautics industry alone, Lockheed Martin had $26.7 billion in sales in 2021.
Lockheed Martin’s customers depend on the company to help them overcome their most complex challenges and to stay ahead of emerging threats by providing the most technologically advanced solutions. Their engineering teams need speed and flexibility to meet the specific mission needs of each customer, while using shared expertise and infrastructure to ensure affordability.
### Toolchain complexity
Lockheed Martin has a history of using a wide variety of DevOps tools — everything from ClearCase to Jenkins, Dimensions, Redmine, and Bitbucket. Each program or product line at the company had its own toolchain. Rarely was one like another, with team members simply picking tools they were familiar with.
That led to uneven efficiencies and results.
Alan Hohn, director of software strategy at Lockheed Martin, said the quality of a team’s development and deployment environment often was based on how lucky the DevOps team happened to be. Well-funded programs, or those with forward-leaning leadership, might have had high-quality automation for everything from testing to continuous deployments, while other programs might only have had a build server to run compiles. And in the worst cases, programs might not have had any automation at all, creating more hands-on work, using team members’ time, and increasing the chance of missed problems.
### Increasing collaboration
To add to the challenge, software development teams at Lockheed Martin had made numerous attempts to set up code repositories that would allow developers to reuse code across programs — but these repos were rarely, if ever, used because they were never incorporated into the multitude of environments where teams were actually developing the software. That meant developers, without a solid collaboration environment, were always starting from scratch and the code in the repositories simply “sat and rotted,” says Hohn.
Once Lockheed Martin widely adopted GitLab’s platform, software sharing and reuse easily became part of their day-to-day operations.
“Having GitLab has completely changed the way we approach reusable software because the place where we develop software is also the place that other people can share, contribute, and participate in that development,” says Hohn. “Now, all of our programs have access to a high-quality software development environment.”
This development environment translates directly to benefits for Lockheed Martin’s customers. One team working on a program for the U.S. Department of Defense was able to reduce build times from 12 hours to 4 hours through the use of GitLab pipelines with containerized builds. This enabled the program to run 16 builds per night, rather than four, increasing test frequency and software quality. Overall, build success went from 60% to 90%. As a result, the customer is receiving new capabilities sooner and with better quality.
### Creating continuity
One of the most significant challenges Lockheed Martin faced in driving collaboration between programs and across the entire business is that their software resided in many different systems, with differing security requirements. GitLab, together with Lockheed Martin’s Software Factory, enables the company to modularize their software so reusable components can be shared in globally accessible environments, while teams can still maintain tight control over software components that are mission-critical or have security constraints.
A key feature of Lockheed Martin’s Software Factory is that it provides a common GitLab CI configuration YAML and common CI container images that are pre-configured to work with their other software development tools.
Teams have to maintain separate environments for security reasons, so their configuration needs to be able to work in different hosting environments for image registries and associated tools. They also often need to sustain particular versions of their software for years, since sometimes it’s deployed into operational environments where it can’t be frequently updated.
To take on these challenges, Hohn’s team created a catalog of common pipelines for popular programming languages with modules for security scanning, container image builds, and semantic versioning. The pipeline catalog allows developers to use the same YAML source file in multiple environments without having to make modifications. The catalog also makes it possible to create a historic build using a specific version of a pipeline and guarantees version consistency.
Before adopting GitLab, Lockheed Martin had made a few attempts to build a common set of pipelines, but they ended up only supporting a few users and were overly prescriptive. It wasn’t enough.
With GitLab as the foundation for their pipeline catalog, Lockheed Martin has been able to create pipeline templates that can be reused in multiple environments, including disconnected networks. That saves time and effort, and ensures continuity among projects. Now, pipeline updates are simpler, and sophisticated testing and release management are easier and more efficient.
“Now, we can be confident changes to our pipelines are automatically and thoroughly tested, and we can easily support both fast-moving development teams and risk-averse teams that are maintaining mission-critical capabilities,” says Hohn. “Our new approach, built on some key GitLab CI features, has helped us find the right balance of commonality and customization.”
Lockheed Martin now serves 2,500 pipelines per minute through the common pipeline catalog.
### Delivering scale
Because rapid adoption of GitLab created the need for a more scalable solution, Lockheed Martin, GitLab, and Amazon Web Services (AWS) worked together to automate and optimize Lockheed Martin's code deployment across the enterprise. The solution started with a well-architected review of the design between the three companies. AWS then helped to automate and optimize the Lockheed Martin GitLab deployment for the CI/CD environment by delivering Infrastructure as Code (IaC) to deploy the environment in two hours, instead of the several hours it had taken previously.
The AWS team also established workflows to deliver a fully automated, highly available Disaster Recovery architecture for GitLab that is compliant and scalable. This enabled a consistent process that runs without manual intervention. AWS also supported load balancing to auto-scale the deployment process based on developer demand for pipeline runs and user traffic so developers are not waiting on deployments to execute. Pre-migration testing was performed to establish baselines, followed by post-migration testing to measure performance and scalability gains in delivering faster deployments.
Additionally, monitoring and security controls were implemented to comply with Lockheed Martin’s security policies. As a result, the team was able to deliver operational efficiencies with the number of build requests waiting to be processed dropping from 200 to zero, and reducing time for code deployment across the enterprise. This effort showcased how large enterprises with thousands of software developers can build and deploy automated, scalable, and resilient code pipelines in the cloud using platforms such as GitLab by leveraging AWS best practices.
### Going with GitLab
Lockheed Martin didn’t need to do a formal evaluation of GitLab’s platform before deciding to go with it. The company’s DevOps teams have, over the years, used a multitude of tools on the market, so they understood the capabilities and benefits they would get from GitLab. For instance, GitLab’s built-in continuous integration capability was a “killer feature,” according to Hohn.
And the company has gone in big with GitLab. Today, they have approximately 64,000 projects on the GitLab Platform — some legacy projects have been migrated to GitLab, and others were initiated on the platform.
Lockheed Martin hasn’t rid itself of all of its toolchains but the company has greatly reduced them, cutting complexity, cost, and workload.
“We recognize that there are going to be programs where the customer wants to own the development environment and they want a specific tool,” explains Hohn. “We want to get to the point, and what we’re achieving, is people don't even consider standing up their own toolchain. They just use GitLab because they know that it works.
“Have we erased all traces \[of toolchains\]? No,” adds Hohn. “But it’s so small it’s not significant to us.”
For instance, before widely adopting GitLab, the company was using Jenkins for CI servers – thousands of instances of Jenkins across the organization. That’s no longer the case.
“Everybody had to maintain a different installation. We’ve collapsed that down to mostly GitLab,” says Hohn. “There are still Jenkins instances out there but they’re a small fraction of the number there were three years ago.”
### Saving time and effort
Those reduced toolchains are saving the company time, muscle, and money, so that it can continue to innovate and deliver affordable solutions to their customers.
“For teams that had independent environments, they had to dedicate about 20 hours a week and 80 hours a month just to keep the system running,” says Hohn. “On a team of 12 people, that’s dedicating at least half a person. We reduced that by something like 90%. They’re now spending a couple of hours of a person’s time. That’s multiplied across a lot of teams. As a corporation with more than 10,000 software engineers, we can say we’re saving hundreds or thousands of hours a year.”
Having all of those projects on GitLab’s single platform means legacy programs that might have previously, on average, delivered to testing monthly and to operations quarterly, now are delivering to testing every six days and to operations every 26 days, Hohn notes.
“It's very typical that we're seeing monthly deliveries turn into weekly,” he adds. “We're seeing quarterly deliveries turn into monthly. I mean, that scale of changes is very common.”
That time savings means the company can respond to customer requests more confidently and reliably.
“We serve a lot of customers and we have a lot of software development activities,” says Ian Dunbar-Hall, senior software engineer at Lockheed Martin. “GitLab allows a team to go from zero to a repository and a full CI pipeline, totally self-service, in 30 minutes, rather than the 40 hours, minimum, that it used to take.”
### Improving security
Since Lockheed Martin works with the Department of Defense and federal agencies, the company builds systems that are critical to national security. That means creating secure software is integral to both Lockheed Martin and its customers. A challenge for any company using toolchains is that it’s easy to miss an update because of the sheer size and complexity of the chain. Now with GitLab, they don’t have to worry about using tools that haven’t been updated because with a single, end-to-end platform, an update only has to be done once and every instance is covered.
And with defense and security-focused customers, compliance is a critical issue for Lockheed Martin. That’s easier to manage now that the company uses GitLab's compliance framework to enforce software quality, and automation to make releases and dependency management more efficient and faster.
Using a single platform also means teams are getting a standardized set of automated security capabilities — from cutting-edge analysis tools to vulnerability scanning and security automation — seamlessly built in. Before using GitLab, teams didn’t all have the best security tools and there was no standardized way of handling security practices. Now with Lockheed Martin’s common pipeline catalog, teams also are using off-the-shelf pipelines that already have best-in-class security built in. “Now that we have a more common approach, it's much easier for teams to leverage a common way of doing software build, test, and security scans, which raises the level of quality of the products that we create,” says Hohn.
And with GitLab, teams no longer need security experts, who could be difficult for every team to find, to configure various tools. Best-in-class security already is built in, according to Hohn.
“Today, it is extremely common to have sophisticated security scanning capabilities as part of all of our pipelines because the effort involved to add that to the pipelines is so much smaller,” says Hohn. “Teams now are aware of the security posture of the code they're writing in a way that they weren't before. That enables conversations about the security of our software that were not taking place the old way.”
The company is still using some third-party, legacy security tools, but teams are using GitLab’s platform to make it easier to integrate them all. “It’s a great complement,” says Jeff Daniels, Director Automations and Applications. “It's easier now that we have GitLab, which increases our security posture and quality.”
Lockheed Martin is looking to continue to grow with GitLab. DevOps teams will migrate even more of their projects over to the DevSecOps platform and expand from there. “We hope to see growth in the number of projects using security and software supply chain functionality, including compliance pipelines and dashboards,” says Hohn.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Continuous Software Security | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Continuous Software Security
============================
Shift security left with built-in DevSecOps
[Start your free trial](https://gitlab.com/-/trials/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)

* [Overview](#overview)
* [Benefits](#benefits)
* [Capabilities](#capabilities)
* [Pricing](#pricing)
* [Case Studies](#case-studies)
Integrating security into your DevSecOps lifecycle is easy with GitLab.
Security and compliance are built in, out of the box, giving you the visibility and control necessary to protect the integrity of your software.

Security. Compliance. Built-in.
-------------------------------

###
Integrated testing and remediation
With every code commit, GitLab provides actionable security and compliance [findings to developers](https://docs.gitlab.com/ee/user/application_security/)
to shift remediation earlier in the lifecycle while developers are still working on the code.
###
Manage software vulnerabilities
While helping security pros [manage remaining vulnerabilities](https://docs.gitlab.com/ee/user/application_security/security_dashboard/#gitlab-security-dashboards-and-security-center)
through resolution.
###
Cloud Native Application security
GitLab helps you secure your cloud native applications and the infrastructure upon which they depend including containers, infrastructure-as-code, and APIs.
###
Guardrails and policy automation
GitLab’s compliant pipelines, MR approvals, end-to-end transparency of audit events, along with built-in [common controls](https://docs.gitlab.com/ee/administration/compliance.html)
help you secure your software supply chain and meet your [compliance needs](https://about.gitlab.com/solutions/compliance/)
.
Unleash developers to run fast - and secure
-------------------------------------------
### Simplicity
One platform, one price, with comprehensive application security.
### Visibility
See who changed what, where, when, end-to-end.
### Control
Compliance framework for consistency, common controls, policy automation.
### Test within the CI pipeline
Use your scanners or ours. Shift security left to empower developers to find and fix security flaws as they are created. Comprehensive scanners include SAST, DAST, Secrets, dependencies, containers, IaC, APIs, cluster images, and fuzz testing.
[Learn more](https://docs.gitlab.com/ee/user/application_security/)

### Assess dependencies
Scan dependencies and containers for security flaws. Inventory dependencies used.
### Secure cloud native apps
Test the security of cloud native elements such as infrastructure-as-code, APIs, and cluster images.
### Manage vulnerabilities
Built for the security pro to vet, triage, and manage software vulnerabilities from pipelines, on-demand scans, third parties, and bug bounties all in one place. Immediate visibility as vulnerabilities are merged. Collaborate more easily on their resolution
### Secure your software supply chain
Automate security and compliance policies across your software development lifecycle. Compliant pipelines ensure pipeline policies are not circumvented, while common controls provide end-to-end guardrails.
Which tier is right for you?
----------------------------
[Which tier is right for you?](/pricing/)
### Free
* Static application security testing (SAST) and secrets detection
* Findings in json file
[Learn more](/pricing/)
### Premium
* Static application security testing (SAST) and secrets detection
* Findings in json file
* MR approvals and more common controls
[Learn about GitLab Premium](/pricing/)
### Ultimate
* Everything in Premium plus
* Comprehensive security scanners include SAST, DAST, Secrets, dependencies, containers, IaC, APIs, cluster images, and fuzz testing
* Actionable results within the MR pipeline
* Compliance pipelines
* Security and Compliance dashboards
* Much more
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Learn more](/pricing/)
Customer Realized Benefits
--------------------------
[All case studies](/customers/)
[### HackerOne\
\
#### HackerOne achieves 5x faster deployments with GitLab’s integrated security\
\
\
\
Learn more](/customers/hackerone)
[### The Zebra\
\
#### How The Zebra achieved secure pipelines in black and white\
\
\
\
Learn more](/customers/thezebra/)
[### Hilti\
\
#### How CI/CD and robust security scanning accelerated Hilti’s SDLC\
\
\
\
Learn more](/customers/hilti/)
Explore other ways GitLab can help continuous software security.
----------------------------------------------------------------
[Explore more Solutions](/solutions/)
[Delivery Automation](/solutions/delivery-automation/)
[Continuous integration](/solutions/continuous-integration/)
[Compliance](/solutions/compliance/)
Resources
---------
[View all resources](/resources/)
* * *
Video

### DevSecOps overview demo
Watch now
Video

### Learn how to add Security to your CICD Pipeline
Watch now
Video

### Efficiently manage vulnerabilities and risk using the GitLab Security Dashboards
Watch now
Video

### Manage your Application Dependencies
Watch now
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Software Supply Chain Security | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Built-in automation and policy enforcement
==========================================
Software Supply Chain Security
------------------------------
Secure your software supply chain, stay ahead of threat vectors, and establish policies to aid compliance adherence so you can deliver secure software faster.
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Learn about pricing](/pricing/)

Trusted By:
-----------
[](/customers/bab/)
[](https://about.gitlab.com/customers/hackerone/)
[](/customers/new10/)
[](/customers/thezebra/)
[](/customers/chorus/)
[](/customers/hilti/)
* [Overview](#overview)
* [Capabilities](#capabilities)
* [Customers](#customers)
* [Pricing](#pricing)
* [Resources](#resources)

Secure your end-to-end software supply chain
------------------------------------------------
###
Protect your software development lifecycle
Protect multiple attack surfaces, including your code, build, dependencies, and release artifacts
[Learn more about DevSecOps](/solutions/security-compliance/)
###
Adhere to compliance requirements
Easy access to audit and governance reports
[Why GitLab?](/why-gitlab/)
###
Implement guardrails
Control access and implement policies
[Learn more about our platform approach](/solutions/devops-platform/)
Code, build, release. Securely.
-------------------------------
### Establish zero trust
Identity and access management (IAM) is one of the biggest attack vectors in the software supply chain. Secure access with GitLab by authenticating, authorizing, and continuously validating all human and machine identities operating in your environment.
* Implement granular [access control](https://docs.gitlab.com/ee/administration/settings/visibility_and_access_controls.html)
including [2 factor authentication](https://docs.gitlab.com/ee/security/two_factor_authentication.html)
* Establish [token expiration policies](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html)
* Set up [policies](https://docs.gitlab.com/ee/administration/compliance.html#policy-management)
as per organizational or regulatory rules
* Generate comprehensive [audit and governance reports](https://docs.gitlab.com/ee/administration/audit_reports.html)
for compliance adherence
* Enforce [two-person approvals](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/rules.html)
for additional guardrails
### Secure your source code
Ensure the security and integrity of your source code by managing who has access to the code and how changes to the code are reviewed and merged.
* Establish version control, [code history](https://docs.gitlab.com/ee/user/project/repository/git_history.html?_gl=1*1ngzpgw*_ga*NTg0MjExODQyLjE2MTk1MzkzOTQ.*_ga_ENFH3X7M5Y*MTY2NDUzNDg3My4xMjkuMS4xNjY0NTM4MjQ3LjAuMC4w)
, and [access control](https://docs.gitlab.com/ee/administration/settings/visibility_and_access_controls.html)
to your source code
* Use automated [code quality](https://docs.gitlab.com/ee/ci/testing/code_quality.html)
tests to analyze the performance impact of changes
* Enforce review and [approval rules](https://docs.gitlab.com/ee/ci/testing/code_quality.html)
to control what goes into production
* Run [automated security scans](https://docs.gitlab.com/ee/user/application_security/)
to capture vulnerabilities before your code is merged
* Ensure passwords and sensitive information are not in your source code through automated [secrets detection](https://docs.gitlab.com/ee/user/application_security/secret_detection/)
* Implement [signed commits](https://docs.gitlab.com/ee/user/project/repository/signed_commits/)
to prevent developer impersonation
### Secure dependencies
Verify that all open source dependencies used in your projects contain no disclosed vulnerabilities, come from a trusted source, and have not been tampered with.
* Generate a [software bill of materials](https://docs.gitlab.com/ee/user/application_security/dependency_list/)
in an automated manner to identify your projects’ dependencies
* Automatically identify vulnerabilities in any dependent software used through automated [software composition analysis](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/)
* Run [license compliance](https://docs.gitlab.com/ee/user/compliance/license_approval_policies.html)
scans to ensure your project is using software with licenses within your organization’s policies
### Secure build environments
Prevent bad actors from injecting malicious code into the build process and gaining control over the software built by the pipeline or access to secrets used in the pipeline.
* [Isolate your build environment](https://docs.gitlab.com/runner/security/?_gl=1*1d95r9z*_ga*NTg0MjExODQyLjE2MTk1MzkzOTQ.*_ga_ENFH3X7M5Y*MTY2NDUzNDg3My4xMjkuMS4xNjY0NTM4MDA2LjAuMC4w)
to prevent unauthorized access or malicious code execution
* Maintain [release evidence](https://docs.gitlab.com/ee/user/project/releases/#release-evidence)
for everything that is included in the release
* Ensure your build artifacts are not compromised with [build artifact attestation](https://docs.gitlab.com/ee/ci/runners/configure_runners.html#artifact-attestation)
### Secure release artifacts
Stop attackers from exploiting weaknesses in an application’s design or configurations to steal private data, gain unauthorized access to accounts, or impersonate legitimate users.
* Establish a [secure connection](https://about.gitlab.com/blog/2022/01/07/gitops-with-gitlab-using-ci-cd/#meet-the-cicd-tunnel)
with your cluster to deliver your release artifacts
* Identify [security vulnerabilities in running applications](https://docs.gitlab.com/ee/user/application_security/dast/)
before deploying
* Ensure your [API interfaces](https://docs.gitlab.com/ee/user/application_security/api_fuzzing/)
do not expose your running application


"We now have an always-innovating solution that aligns with our goal of digital transformation. "
Caio Trevisan Head of DevOps Enablement, Bendigo and Adelaide Bank
[Learn more](/customers/bab/)
Which tier is right for you?
----------------------------
[Which tier is right for you?](/pricing/)
### Free
* Static application security testing (SAST) and secrets detection
* Findings in json file
[Learn more](/pricing/)
### Premium
* Static application security testing (SAST) and secrets detection
* Findings in json file
* MR approvals and more common controls
[Learn about GitLab Premium](/pricing/)
### Ultimate
* Everything in Premium plus
* Comprehensive security scanners include SAST, DAST, Secrets, dependencies, containers, IaC, APIs, cluster images, and fuzz testing
* Actionable results within the MR pipeline
* Compliance pipelines
* Security and Compliance dashboards
* Much more
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Learn more](/pricing/)
Related Resources
-----------------
Video

### Shifting Security Left - GitLab Security Overview
Watch now
Video

### Managing Vulnerabilities and Enabling Separation of Duties with GitLab
Watch now
Video

### GitLab 15 Release - New Security Features
Watch now
Video

### SBOM and Attestation
Watch now
[Book\
\
 \
\
### Guide to software supply chain security\
\
Learn more](https://cdn.pathfactory.com/assets/10519/contents/360915/35d042c6-3449-4d50-b2e9-b08d9a68f7a1.pdf)
[Book\
\
 \
\
### GitLab DevSecOps survey\
\
Learn more](https://cdn.pathfactory.com/assets/10519/contents/432983/c6140cad-446b-4a6c-96b6-8524fac60f7d.pdf)
[Blog\
\
 \
\
### Ultimate guide to software supply chain security\
\
Learn more](/blog/2022/08/30/the-ultimate-guide-to-software-supply-chain-security/)
[Blog\
\
 \
\
### Comply to NIST framework with GitLab\
\
Learn more](/blog/2022/03/29/comply-with-nist-secure-supply-chain-framework-with-gitlab/)
[Blog\
\
 \
\
### Inside DORA Performers score in GitLab Value Streams Dashboard\
\
Learn more](/blog/2024/01/18/inside-dora-performers-score-in-gitlab-value-streams-dashboard/)
[Blog\
\
 \
\
### Securing the software supply chain through automated attestation\
\
Learn more](/blog/2022/08/10/securing-the-software-supply-chain-through-automated-attestation/)
[Report\
\
 \
\
### GitLab a challenger in 2022 Gartner Magic Quadrant\
\
Learn more](https://about.gitlab.com/analysts/gartner-ast22/)
[Explore more Solutions](/solutions/)
### DevSecOps
GitLab empowers your teams to balance speed and security by automating software delivery and securing your end-to-end software supply chain.
[Learn more](/solutions/security-compliance/)
### Continuous Software Compliance
Integrating security into your DevSecOps lifecycle is easy with GitLab.
[Learn more](/solutions/continuous-software-compliance/)
### Continuous Integration and Delivery
Make software delivery repeatable and on-demand
[Learn more](/solutions/continuous-integration/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# GitLab for GitOps | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
GitLab for GitOps
=================
Infrastructure automation and collaboration for cloud native, multicloud, and legacy environments
[Start your free trial](https://gitlab.com/-/trials/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)
* [What is GitOps?](#what-is-gitops)
* [GitLab for GitOps](#gitlab-for-gitops)
* [Advantages](#advantages)
* [Capabilities](#capabilities)
* [Enablement](#enablement)
* [Recognition](#recognition)
* [Resources](#resources)
GitOps is an operational framework that takes DevSecOps best practices used for application development such as version control, collaboration, compliance, and CI/CD, and applies them to infrastructure automation and management.
[Learn more about GitOps](/topics/gitops/)
Foster collaboration between your infrastructure, operations, and development teams. Deploy more frequently with greater confidence while also increasing the stability, reliability, and security of your software environments. Utilize GitLab's capabilities for version control, code review, and CI/CD in a single application for a seamless experience. Take advantage of GitLab's tight integration with HashiCorp Terraform and Vault along with multi-cloud capabilities provide you with the best platform for infrastructure automation and management.
[Watch a demo](/demo/)

GitLab advantages
---------------------
###
A single app for SCM, CI/CD, and GitOps
Source Code Management, CI/CD and GitOps workflows are at the core of the automation and management of your infrastructure. In addition, our AI-assisted capabilities across the entire DevSecOps lifecycle can help you become more efficient and increase your deployment frequency.
###
Tightly integrated with Terraform
Terraform has emerged as the industry standard for environment provisioning. GitLab partners with HashiCorp to make sure your tooling works the best together.
###
Trusted by the world's largest engineering teams
From Goldman Sachs and Verizon to Ticketmaster and Siemens, more large enterprise trust GitLab with their code than anyone else.
Capabilities
------------
### Git-based version control
Use the Git tooling you already have as an interface for operations. Version your Infrastructure as Code along with configuration policy to make reproducible environments. During incidents, roll back to a last known working state to lower your times to restore services.
### Code Review
Improve code quality, distribute best practices, and catch error before they go live with Merge Requests that keep track of and resolve threads, apply in-line suggestions and work asynchronously with in-line and general threaded comments.
### Protected branches and environments
Allow everyone to contribute with shared code repositories while limiting who can deploy to environments with unique permissions for protected and non-default branches.
### CI/CD and GitOps workflows
GitLab provides powerful and scalable CI/CD built from the ground up into the same application as your agile planning and source code management for a seamless experience. GitLab include Infrastructure as Code static and dynamic testing to help catch vulnerabilities before they get to production. GitLab integrates Flux to support pull-based GitOps workflows.
### Terraform integration
GitLab stores your Terraform state file and modules shows Terraform plan output directly in the merge request.
### Deploy anywhere
From containers and VMs to bare metal GitLab's deploys everywhere. Go multicloud with AWS, Azure, Google Cloud, and more.

How GitLab enables GitOps
-----------------------------
###
Environment as code
Stored in GitLab version control as a single source of truth.
###
Teams collaborate
Using GitLab's agile planning and code review.
###
The same tool
Used to plan, version, and deploy your application code works for your operations code as well.
###
CI/CD and GitOps workflows for infrastructure automation and management
Reconciles your environments with your SSoT in version control.
### Analyst reports
[GitLab recognized as the only Leader in The Forrester Wave™: Integrated Software Delivery Platforms, Q2 2023\
\
Read the report](https://page.gitlab.com/forrester-wave-integrated-software-delivery-platforms-2023.html)
[GitLab recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for DevOps Platforms\
\
Read the report](/gartner-magic-quadrant/)
Related resources
-----------------
Video

### What is GitOps? Why is it important? How can you get started?
Watch now
[Web\
\
 \
\
### What is GitOps?\
\
Learn more about GitOps](/topics/gitops/)
[Blog\
\
 \
\
### Why collaboration technology is critical for GitOps\
\
Learn more](/topics/gitops/gitops-gitlab-collaboration/)
[Blog\
\
 \
\
### How to use GitLab and Ansible to create infrastructure as code\
\
Learn more](/blog/2019/07/01/using-ansible-and-gitlab-as-infrastructure-for-code/)
[Whitepaper\
\
 \
\
### GitOps:The Future of Infrastructure Automation - A panel discussion with Weaveworks, HashiCorp, Red Hat, and GitLab\
\
Learn more](/why/gitops-infrastructure-automation/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Continuous Software Compliance with GitLab | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Automate compliance, reduce risks
=================================
Software Compliance with GitLab
-------------------------------
Build applications that meet common regulatory standards with a secure software supply chain.
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Learn about pricing](/pricing/)

Trusted By:
-----------
[](/customers/duncan-aviation/)
[](/customers/curve/)
[](/customers/hilti/)
[](/customers/thezebra/)
[](/customers/new10/)
[](/customers/chorus/)
* [Overview](#overview)
* [Capabilities](#capabilities)
* [Customers](#customers)
* [Pricing](#pricing)
* [Resources](#resources)

Simplify and automate software compliance
-----------------------------------------

###
Manage risk
Go beyond simply reducing security flaws in the code
###
Simple and frictionless
An integrated experience to define, enforce, and report on compliance
###
Implement guardrails
Control access and implement policies
Fast, secure, compliant.
------------------------
### Policy management
Define rules and policies to adhere to compliance frameworks and common controls
* **Granular user roles and permissions:** Define user roles and permission levels that make sense for your organization
* **Access control:** Limit access with two-factor authentication and expiration tokens
* **Compliance settings:** Define and enforce compliance policies for specific projects, groups, and users
* **Credentials inventory:** Keep track of all the credentials that can be used to access a GitLab self-managed instance
* **Protected branches:** Control unauthorized modifications to specific branches — including creating, pushing, and deleting a branch — without adequate permissions or approvals
[Learn More](https://docs.gitlab.com/ee/administration/compliance.html?_gl=1*1r05yn6*_ga*NTg0MjExODQyLjE2MTk1MzkzOTQ.*_ga_ENFH3X7M5Y*MTY2NTY1NDE3OC4xNDguMS4xNjY1NjU1ODM3LjAuMC4w#policy-management)
### Compliant workflow automation
Enforce defined rules, policies, and separation of duties while reducing overall business risk
* **Compliance framework project templates:** Create projects that map to specific audit protocols such as HIPAA to help maintain an audit trail and manage compliance programs
* **Compliance framework project labels:** Easily apply common compliance settings to a project with a label
* **Compliance framework pipelines:** Define compliance jobs that should be run in every pipeline to ensure that security scans are run, artifacts are created and stored, or any other steps required by your organizational requirements
[Learn More](https://docs.gitlab.com/ee/administration/compliance.html?_gl=1*nbfxzt*_ga*NTg0MjExODQyLjE2MTk1MzkzOTQ.*_ga_ENFH3X7M5Y*MTY2NTY1NDE3OC4xNDguMS4xNjY1NjU2NDIyLjAuMC4w#compliant-workflow-automation)
### Audit management
Prepare for audits and better understand the root cause of issues with easy access to audit data
* **[Audit events:](https://docs.gitlab.com/ee/user/compliance/audit_events.html)
** Track important events such as changes to user permission levels, who added a new user, or who removed a user
* **[Streaming audit events:](https://docs.gitlab.com/ee/administration/audit_event_streaming/)
** Consolidate your audit logs in a tool of your choice
* **[Audit reports:](https://docs.gitlab.com/ee/administration/audit_event_reports.html)
** Respond to auditors by generating comprehensive reports such as instance, group, and project events, impersonation data, sign-in, and user events
* **[Compliance report:](https://docs.gitlab.com/ee/user/compliance/compliance_center/compliance_violations_report.html)
** Get a high-level view of compliance violations and the reasons and severity of violations in merge requests
### Vulnerability and dependency management
View, triage, trend, track, and resolve vulnerabilities and dependencies in your applications
* **[Security dashboards:](https://docs.gitlab.com/ee/user/application_security/security_dashboard/)
** Access current security status applications and initiate remediation
* **[Software bill of materials:](https://docs.gitlab.com/ee/user/application_security/dependency_list/)
** Scan application and container dependencies for security flaws and create a software bill of materials (SBOM) of the dependencies used

Trusted by enterprises.
Loved by developers.
----------------------------------------------
01 - 03
Which tier is right for you?
----------------------------
[Which tier is right for you?](/pricing/)
### Free
* Static application security testing (SAST) and secrets detection
* Findings in json file
[Learn more](/pricing/)
### Premium
* Static application security testing (SAST) and secrets detection
* Findings in json file
* MR approvals and more common controls
[Learn about GitLab Premium](/pricing/)
### Ultimate
* Everything in Premium plus
* Comprehensive security scanners include SAST, DAST, Secrets, dependencies, containers, IaC, APIs, cluster images, and fuzz testing
* Actionable results within the MR pipeline
* Compliance pipelines
* Security and Compliance dashboards
* Much more
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Learn more](/pricing/)
Related Resources
-----------------
Video

### Compliant pipelines
Watch now
Video

### Continuous software compliance
Watch now
Video

### SBOM and Attestation
Watch now
[Book\
\
 \
\
### Guide to software supply chain security\
\
Learn more](https://cdn.pathfactory.com/assets/10519/contents/360915/35d042c6-3449-4d50-b2e9-b08d9a68f7a1.pdf)
[Book\
\
 \
\
### GitLab DevSecOps survey\
\
Learn more](https://cdn.pathfactory.com/assets/10519/contents/432983/c6140cad-446b-4a6c-96b6-8524fac60f7d.pdf)
[Blog\
\
 \
\
### The importance of compliance in DevOps resource\
\
Learn more](https://about.gitlab.com/blog/2022/08/15/the-importance-of-compliance-in-devops/)
Blog

### Top 5 compliance features to leverage in GitLab
Learn more
[Blog\
\
 \
\
### How to enforce separation of duties and achieve compliance\
\
Learn more](https://about.gitlab.com/blog/2022/04/04/ensuring-compliance/)
[Blog\
\
 \
\
### What you need to know about DevOps Audits\
\
Learn more](https://about.gitlab.com/blog/2022/08/31/what-you-need-to-know-about-devops-audits/)
[Report\
\
 \
\
### GitLab a challenger in 2022 Gartner Magic Quadrant\
\
Learn more](https://about.gitlab.com/analysts/gartner-ast22/)
[Explore more Solutions](/solutions/)
### DevSecOps
GitLab empowers your teams to balance speed and security by automating software delivery and securing your end-to-end software supply chain.
[Learn more](/solutions/security-compliance/)
### Software Supply Chain Security
Ensure your software supply chain is secure and compliant.
[Learn more](/solutions/supply-chain/)
### Automated software delivery
Automation essentials for achieving digital innovation, cloud native transformations and application modernization
[Learn more](/solutions/delivery-automation/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Security Compliance | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Advanced SAST now available. Learn more](https://about.gitlab.com/blog/2024/09/19/gitlab-advanced-sast-is-now-generally-available/)
Security and compliance
-----------------------
End-to-end security and compliance, built right into the platform your developers already use.
[Contact sales](/sales/)
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)

Trusted By
----------
[](/blog/2021/08/04/ubs-gitlab-devops-platform/)
[](https://about.gitlab.com/customers/hackerone/)
[](/customers/thezebra/)
[](/customers/hilti/)
[](/customers/conversica/)
[](/customers/bab/)
[](/customers/glympse/)

Ship with speed and Security
--------------------------------
GitLab is the only platform that has all the security functionality that you need — for applications and APIs.
### Strengthen security and compliance with AI
Only GitLab provides AI throughout the software development lifecycle to help developers write more secure code — from AI-powered code suggestions and vulnerability explanations to AI-assisted generation of merge requests containing the changes required to mitigate vulnerabilities.
[Learn more](/gitlab-duo/#features)
### Streamline identity and access management
Create a seamless experience for users to access security capabilities across the software development lifecycle — instead of logging into multiple separate tools, teams can authenticate into one secure platform.
### Mitigate risk with secret detection
Empower developers to proactively identify and remove leaked secrets in issue and epic descriptions to prevent credentials and other sensitive information from being visible to potential attackers.
### Manage vulnerabilities where developers work
Scan commits for secrets in the IDE before pushing to production and pull security findings into the IDE after pipelines run — so developers don’t have to switch to a different tool to identify and fix vulnerabilities.
### Test and protect APIs
Identify and remediate API vulnerabilities before they make it to production to make APIs safer and reduce data breach risks.
### Automate scan enforcement and approvals
Use security policies to require specific security scans to run, or to ensure that particular security, legal, or compliance requirements are met before a merge request can be merged into the default branch.
[Learn more](/solutions/continuous-software-compliance/)
Developer-first security. More secure development.

Application & API Security
### Access the full breadth of security scanning in a single platform
Pre-build scanning
Check code for security compliance before deployment with secret detection, [static application security testing (SAST)](https://docs.gitlab.com/ee/user/application_security/sast/gitlab_advanced_sast.html)
, infrastructure as code (IaC) scanning, dependency scanning, and license compliance.
Post-build scanning
Simulate hacker inputs and activity in your application with API security testing, operational container scanning, dynamic application security testing (DAST), and fuzz testing.
Software Supply Chain Security
### Stay ahead of threats and deliver software faster
[Learn more](/solutions/supply-chain/)
Dynamic SBOM management
Automatically create a standard software bill of materials (SBOM) with each container or dependency scan, or import an SBOM from your preferred tool — and easily combine multiple CycloneDX SBOMs into one.
Continuous vulnerability scanning
Protect your organization against zero-day attacks by continuously scanning your applications for known open source vulnerabilities, regardless of when your code was last updated.
Compliance & Governance
### Enforce compliance at scale
[Learn more](/solutions/continuous-software-compliance/)
Centralized compliance visibility
Get centralized visibility into audit logs, credential security, and how projects adhere to regulatory compliance requirements.
Flexible policy management
Designate specific security scans and CI jobs that developers can't circumvent, and ensure that security, legal, and compliance requirements are met before code is merged.

"GitLab had all the features and automation we needed in one application. It simplified our work. With all of the road mapping, issue tracking, and security scanning in one place, it’s hard to even compare it with what we were using before. "
Wesley Monroe Technical Project Manager, CACI
[Read the case study](/customers/caci/)
90% savings in labor/admin
13x faster security scanning
Explore all security and compliance features
--------------------------------------------
##### Manage security vulnerabilities, policies, and compliance across your entire organization.
* [Container Scanning](#container-scanning)
* [Software Composition Analysis](#software-composition-analysis)
* [API Security](#api-security)
* [Coverage-guided Fuzz Testing](#fuzz-testing)
* [DAST](#dast)
* [Code Quality](#code-quality)
* [Secret Detection](#secret-detection)
* [SAST](#sast)
* [Vulnerability Explanation](#vulnerability-explanation)
* [Vulnerability Resolution](#vulnerability-resolution)
* [Release Evidence](#release-evidence)
* [Compliance Management](#compliance-management)
* [Audit Events](#audit-events)
* [Software Bill of Materials](#software-bill-of-materials)
* [Dependency Management](#dependency-management)
* [Vulnerability Management](#vulnerability-management)
* [Security Policy Management](#security-policy-management)
* [GitLab Advisory Database](#gitlab-advisory-database)
#### Container Scanning[](#container-scanning)
Scans your container images for known vulnerabilities within the application environment. Image contents are analyzed against public vulnerability databases.Security findings, additional data, and solutions reported in-line with every merge request along with additional data including solutions. Results are presented as a single report. Container Scanning is considered part of Software Composition Analysis.
[Security Scanning IDE integration](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/#download-the-extension)
[Container Scanning](https://docs.gitlab.com/ee/user/application_security/container_scanning/)
[Automated solutions for Container Scanning vulnerabilities](https://docs.gitlab.com/ee/user/application_security/index.html#solutions-for-vulnerabilities-auto-remediation)
#### Software Composition Analysis[](#software-composition-analysis)
Analyzes external dependencies within your application for known vulnerabilities on each CI/CD code commit. Vulnerabilities, additional data, and solutions are shown in-line with every merge request. Scanner results are collected and presented as a single report. Upon code commit, project dependencies are searched for approved and denied licenses defined by per project custom policies. Software licenses are identified if they are not within policy and are shown in-line for every merge request for immediate resolution.
[Security Scanning IDE integration](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/#download-the-extension)
[Dependency Scanning](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/)
[Automated solutions for Dependency Scanning vulnerabilities](https://docs.gitlab.com/ee/user/application_security/index.html#solutions-for-vulnerabilities-auto-remediation)
[License Compliance](https://docs.gitlab.com/ee/user/compliance/license_approval_policies.html)
#### API Security[](#api-security)
Secures and protects web Application Programming Interfaces from unauthorized access, misuse, and attacks. Tests for known vulnerabilities by performing penetration testing of APIs with DAST. Finds unknown vulnerabilities by performing Fuzz Testing of web API operation parameters.Users can provide credentials to test authenticated APIs. Vulnerabilities, additional data, and solutions are shown in-line with every merge request.. Scanner results are collected and presented as a single report.
[Security Scanning IDE integration](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/#download-the-extension)
[API Security Testing](https://docs.gitlab.com/ee/user/application_security/api_security/)
[API Fuzz Testing](https://docs.gitlab.com/ee/user/application_security/api_fuzzing/index.html)
[On-demand API Security Testing scans](https://docs.gitlab.com/ee/user/application_security/dast/#on-demand-scans)
#### Fuzz Testing[](#fuzz-testing)
Sends random inputs to an instrumented version of your application in an effort to cause unexpected behavior in order to identify a bug that needs to be addressed. Helps you discover bugs and potential security issues that other QA processes may miss.
[Security Scanning IDE integration](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/#download-the-extension)
[Coverage-guided Fuzz Testing](https://docs.gitlab.com/ee/user/application_security/coverage_fuzzing/)
#### DAST[](#dast)
Runs automated penetration tests to find vulnerabilities in web applications and APIs as they are running. DAST can run live attacks against a Review App, an externally deployed application, or an active API. Scans can be run for every merge request, on a schedule, or even on-demand. DAST supports user inputted HTTP credentials to test private areas of your application. Vulnerabilities, additional data, and solutions are shown in-line with every merge request. Scanner results are presented as a single report.
[Security Scanning IDE integration](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/#download-the-extension)
[Dynamic Application Security Testing](https://docs.gitlab.com/ee/user/application_security/dast/)
[On-demand DAST](https://docs.gitlab.com/ee/user/application_security/dast/#on-demand-scans)
[Site and Scanner profiles for On-demand DAST scans](https://docs.gitlab.com/ee/user/application_security/dast/#site-profile)
[DAST Configuration UI](https://docs.gitlab.com/ee/user/application_security/dast/#configure-dast-using-the-ui)
[Scheduling On-demand DAST scans](https://docs.gitlab.com/ee/user/application_security/dast/#schedule-an-on-demand-scan)
[DAST](https://docs.gitlab.com/ee/user/application_security/dast/)
#### Code Quality[](#code-quality)
Analyzes your source code quality and complexity. This helps keep your project’s code simple, readable, and easier to maintain.
[Code Quality MR Widget](https://docs.gitlab.com/ee/ci/testing/code_quality.html#merge-request-widget)
[Code Quality Reports](https://docs.gitlab.com/ee/ci/testing/code_quality.html#code-quality-report-format)
[Code Quality violation notices in MR diffs](https://docs.gitlab.com/ee/ci/testing/code_quality.html#pipeline-details-view)
#### Secret Detection[](#secret-detection)
Scans your repository to help prevent your secrets from being exposed. Secret Detection scanning works on all text files, regardless of the language or framework used. Code pushed to a remote Git branch can be rejected if a secret is detected.
[Security Scanning IDE integration](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/#download-the-extension)
[Secret Detection](https://docs.gitlab.com/ee/user/application_security/secret_detection/)
[Custom Rulesets for Secret Detection](https://docs.gitlab.com/ee/user/application_security/secret_detection/pipeline/index.html#customize-analyzer-rulesets)
[Full Git History Secret Detection](https://docs.gitlab.com/ee/user/application_security/secret_detection/#full-history-secret-scan)
[Automatic Response to Leaked Secrets](https://docs.gitlab.com/ee/user/application_security/secret_detection/automatic_response/)
[Secret Push Protection (Beta)](https://docs.gitlab.com/ee/user/application_security/secret_detection/pre_receive/)
#### SAST[](#sast)
Scans your application source code and binaries to spot potential vulnerabilities before deployment. SAST supports scanning a variety of different programming languages and automatically chooses the right analyzer even if your project uses more than one language. Vulnerabilities, additional data, and solutions are shown in-line with every merge request. Scanner results are collected and presented as a single report.
[Static Application Security Testing](https://docs.gitlab.com/ee/user/application_security/sast/)
[Configuration UI](https://docs.gitlab.com/ee/user/application_security/configuration/)
[Security Scanning IDE integration](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/#download-the-extension)
[Custom Rulesets for SAST](https://docs.gitlab.com/ee/user/application_security/sast/#custom-rulesets)
[Infrastructure as Code (IaC) Security Scanning](https://docs.gitlab.com/ee/user/application_security/iac_scanning/)
#### Vulnerability Explanation[](#vulnerability-explanation)
Helps you remediate vulnerabilities more efficiently, boost your skills, and write more secure code.
[Vulnerability Explanation](https://docs.gitlab.com/ee/user/application_security/vulnerabilities/index.html#explaining-a-vulnerability)
#### Vulnerability Resolution[](#vulnerability-resolution)
Generates a merge request containing the changes required to mitigate a vulnerability.
[Vulnerability Resolution](https://docs.gitlab.com/ee/user/application_security/vulnerabilities/index.html#vulnerability-resolution)
#### Release Evidence[](#release-evidence)
Release Evidence provides assurances and evidence collection that are necessary for you to trust the changes you're delivering. When a release is created, GitLab takes a snapshot of relevant release data as evidence that it occurred.
[Release Evidence](https://docs.gitlab.com/ee/user/project/releases/#release-evidence)
#### Compliance Management[](#compliance-management)
Compliance Management provides customers with the tools necessary to ensure and manage their compliance programs.
[Compliance pipeline configuration](https://docs.gitlab.com/ee/user/group/compliance_pipelines.html)
[Custom compliance frameworks](https://docs.gitlab.com/ee/user/group/compliance_frameworks.html)
[Compliance frameworks report](https://docs.gitlab.com/ee/user/compliance/compliance_center/compliance_frameworks_report.html)
[Customizable system header and footer messages](https://docs.gitlab.com/ee/administration/appearance.html)
[Require a Jira issue before merging code](https://docs.gitlab.com/ee/integration/jira/issues.html#require-associated-jira-issue-for-merge-requests-to-be-merged)
[Compliance standards adherence report](https://docs.gitlab.com/ee/user/compliance/compliance_center/#standards-adherence-dashboard)
[Violations report](https://docs.gitlab.com/ee/user/compliance/compliance_center/compliance_violations_report.html)
[Enforce merge request approval settings](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/settings)
#### Audit Events[](#audit-events)
Compliance Management provides customers with the tools necessary to ensure and manage their compliance programs.
[Audit events report](https://docs.gitlab.com/ee/administration/audit_event_reports.html)
[Audit events CSV export](https://docs.gitlab.com/ee/administration/audit_event_reports.html#exporting-audit-events)
[Chain of custody report](https://docs.gitlab.com/ee/user/compliance/compliance_center/compliance_violations_report.html#chain-of-custody-report)
[Auditor access](https://docs.gitlab.com/ee/administration/auditor_users)
[Streaming Audit Events](https://docs.gitlab.com/ee/administration/audit_event_streaming/)
#### Software Bill of Materials[](#software-bill-of-materials)
GitLab allows you to secure your software supply chain including push rules, code scanning, SBOM management, and enforcement of compliance policies.
[Software Bill of Materials](https://docs.gitlab.com/ee/user/application_security/dependency_list/)
#### Dependency Management[](#dependency-management)
Dependency Management allows users to review project/group dependencies and key details about those dependencies, including their vulnerabilities, licenses, and packager.
[Dependency Management](https://docs.gitlab.com/ee/user/application_security/dependency_list/)
#### Vulnerability Management[](#vulnerability-management)
Vulnerability Management enables collaboration between security teams by providing a uniform interface to assess the security posture of their applications. Security teams can view, triage, trend, track, and resolve vulnerabilities detected by the various GitLab scanners.
[Security Scanning IDE integration](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/#download-the-extension)
[Vulnerability Management](https://about.gitlab.com/direction/govern/threat_insights/vulnerability_management/)
[Standalone Vulnerability Objects](https://docs.gitlab.com/ee/user/application_security/#interacting-with-the-vulnerabilities)
[Vulnerability Reports](https://docs.gitlab.com/ee/user/application_security/vulnerability_report/)
[Security Dashboards](https://docs.gitlab.com/ee/user/application_security/security_dashboard/index.html)
[Create Jira issues from vulnerabilities](https://docs.gitlab.com/ee/user/application_security/vulnerabilities/#create-a-gitlab-issue-for-a-vulnerability)
[Security Scan summary in Merge Requests](https://about.gitlab.com/releases/2020/10/22/gitlab-13-5-released/#improved-merge-request-experience-for-security-scans)
[Integrated security training](https://docs.gitlab.com/ee/user/application_security/vulnerabilities/#enable-security-training-for-vulnerabilities)
#### Security Policy Management [](#security-policy-management)
Unified security policy management provides security and compliance teams with a way to enforce controls across their organization for all of GitLab's scanners and security technologies.
[Security Policies](https://docs.gitlab.com/ee/user/application_security/policies)
[Security Approvals](https://docs.gitlab.com/ee/user/application_security/index.html#security-approvals-in-merge-requests)
[License Approvals](https://docs.gitlab.com/ee/user/compliance/license_approval_policies.html)
[Merge Request Approval Policies](https://docs.gitlab.com/ee/user/application_security/policies/scan-result-policies.html)
[External status checks](https://docs.gitlab.com/ee/user/project/merge_requests/status_checks.html)
[Security Policy Scopes](https://docs.gitlab.com/ee/user/application_security/policies/scan-execution-policies.html#security-policy-scopes)
#### GitLab Advisory Database[](#gitlab-advisory-database)
The GitLab Advisory Database is a continuously updated repository of security advisories for software dependencies, essential for Dependency and Container Scanning.
[GitLab Advisory Database](https://docs.gitlab.com/ee/user/application_security/gitlab_advisory_database/)
##### With GitLab's comprehensive security solution, you can stay ahead of compliance issues and security concerns from day one.
Ready to provide your teams with the tools they need to maintain a secure and compliant development environment?
[Contact sales to get started](/sales/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Sales | GitLab
[\
\
AI-driven DevSecOps.\
\
New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
Talk to an Expert
=================
Want to see a custom demo or get help finding the right plan?
We'd love to chat.
Looking for technical help?
---------------------------
Please contact customer support by submitting a case on our GitLab Support page.
[Contact support](https://support.gitlab.com/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
[\
\
Without GitLab, we'd be wasting engineering time with lots of individual little servers being managed around the world. We would probably have a lot more headaches and still be suffering with scalability problems.\
\
\- Patrick Herlihy, Configuration Management Specialist, NVIDIA](/customers/nvidia/)
01 - 10
Please complete all fields
FAQ
---------
### License and Subscription
Show all
I already have an account, how do I upgrade?
Head over to [https://customers.gitlab.com](https://customers.gitlab.com)
, choose the plan that is right for you.
[](/sales/#i-already-have-an-account--how-do-i-upgrade)
Can I add more users to my subscription?
Yes. You have a few options. You can add users to your subscription any time during the subscription period. You can log in to your account via the [GitLab Customers Portal](https://customers.gitlab.com)
and add more seats or [contact sales](/sales/)
for a quote. In either case, the cost will be prorated from the date of quote/purchase through the end of the subscription period. You may also pay for the additional licenses per our true-up model.
[](/sales/#can-i-add-more-users-to-my-subscription)
How will I be charged for add-on users?
If you have [quarterly subscription reconciliation](https://docs.gitlab.com/ee/subscriptions/quarterly_reconciliation.html)
enabled (default option for new and renewing subscriptions after Aug 1, 2021), users added during a quarter will only be charged for the remaining quarters of their subscription term as opposed to the full annual subscription fee(s) with annual true-ups. For example, if you add 50 users to your subscription during the third quarter of your subscription term, the 50 users will only be charged for the fourth quarter of your subscription term as opposed to all four quarters as per annual true-ups.
If you do not have quarterly subscription reconciliation enabled, add-on users will be charged annual true-ups for the full term during which they were added. For example, if you have 100 active users today, you should purchase a 100 user subscription. Suppose that when you renew next year you have 300 active users (200 extra users). When you renew you pay for a 300 user subscription and you also pay the full annual fee for the 200 users that you added during the year.
[](/sales/#how-will-i-be-charged-for-add-on-users)
What happens when my subscription is about to expire or has expired?
You will receive a new license that you will need to upload to your GitLab instance. This can be done by following [these instructions](https://docs.gitlab.com/ee/user/admin_area/license.html)
.
[](/sales/#what-happens-when-my-subscription-is-about-to-expire-or-has-expired)
What happens if I decide not to renew my subscription?
14 days after the end of your subscription, your key will no longer work and GitLab Enterprise Edition will not be functional anymore. You will be able to downgrade to GitLab Community Edition, which is free to use.
[](/sales/#what-happens-if-i-decide-not-to-renew-my-subscription)
Can I acquire a mix of licenses?
No, all users in the group need to be on the same plan.
[](/sales/#can-i-acquire-a-mix-of-licenses)
How does the license key work?
The license key is a static file which, upon uploading, allows GitLab Enterprise Edition to run. During license upload we check that the active users on your GitLab Enterprise Edition instance doesn't exceed the new number of users. During the licensed period you may add as many users as you want. The license key will expire after one year for GitLab subscribers.
[](/sales/#how-does-the-license-key-work)
### Payments and Pricing
Show all
What is a user?
User means each individual end-user (person or machine) of Customer and/or its Affiliates (including, without limitation, employees, agents, and consultants thereof) with access to the Licensed Materials hereunder.
[](/sales/#what-is-a-user)
Is the listed pricing all inclusive?
The listed prices may be subject to applicable local and withholding taxes. Pricing may vary when purchased through a partner or reseller.
[](/sales/#is-the-listed-pricing-all-inclusive)
What features are included in GitLab self-managed and SaaS across the pricing plans?
You can find an up to date list on the [features page](/features/)
.
[](/sales/#what-features-are-included-in-gitlab-self--managed-and-saas-across-the-pricing-plans)
Can I import my projects from another provider?
Yes. You can import your projects from most of the existing providers, including GitHub and Bitbucket. [See our documentation](https://docs.gitlab.com/ee/user/project/import/index.html)
for all your import options.
[](/sales/#can-i-import-my-projects-from-another-provider)
Do you have special pricing for open source projects, educational institutions, or startups?
Yes! We provide free Ultimate licenses, along with 50K compute minutes/month, to qualifying open source projects, educational institutions, and startups. Find out more by visiting our [GitLab for Open Source](/solutions/open-source/)
, [GitLab for Education](/solutions/education/)
, and [GitLab for Startups](/solutions/startups/)
program pages.
[](/sales/#do-you-have-special-pricing-for-open-source-projects--educational-institutions--or-startups)
How does GitLab determine what future features fall into given tiers?
On this page we represent our [capabilities](/company/pricing/#capabilities)
and those are meant to be filters on our [buyer-based open core](/company/pricing/#buyer-based-tiering-clarification)
pricing model. You can learn more about how we make tiering decisions on our [pricing handbook](/handbook/ceo/pricing)
page.
[](/sales/#how-does-gitlab-determine-what-future-features-fall-into-given-tiers)
### GitLab SaaS
Show all
Where is SaaS hosted?
Currently we are hosted on the Google Cloud Platform in the USA
[](/sales/#where-is-saas-hosted)
What features are not available on GitLab SaaS?
Some features are unique to self-managed and do not apply to SaaS. You can find an up to date list on the [features page](/features/)
.
[](/sales/#what-features-are-not-available-on-gitlab-saas)
### Storage Limits
Show all
What are the current GitLab.com storage limits?
Projects on GitLab.com have a [10 GiB storage limit](https://docs.gitlab.com/ee/user/usage_quotas.html)
on their Git repository and LFS storage.
[](/sales/#what-are-the-current-gitlab-com-storage-limits)
### Compute minutes
Show all
What are compute minutes?
Compute minutes are the execution time (in minutes) for your pipelines on our shared runners. Execution on your own runners will not increase your compute minutes count and is unlimited.
[](/sales/#what-are-compute-minutes)
What happens if I reach my minutes limit?
If you reach your limits, you can [manage your compute usage](/pricing/faq-consumption-cicd/#managing-your-cicd-minutes-usage)
, [purchase additional compute minutes](https://docs.gitlab.com/ee/subscriptions/gitlab_com/#purchase-additional-ci-minutes)
, or upgrade your account to Premium or Ultimate. Your own runners can still be used even if you reach your limits.
[](/sales/#what-happens-if-i-reach-my-minutes-limit)
Does the minute limit apply to all runners?
No. We will only restrict your minutes for our shared runners (SaaS only). If you have a [specific runner setup for your projects](https://docs.gitlab.com/runner/)
, there is no limit to your build time on GitLab SaaS.
[](/sales/#does-the-minute-limit-apply-to-all-runners)
Do plans increase the minutes limit depending on the number of users in that group?
No. The limit will be applied to a group, no matter the number of users in that group.
[](/sales/#do-plans-increase-the-minutes-limit-depending-on-the-number-of-users-in-that-group)
Why do I need to enter credit/debit card details for free compute minutes?
There has been a massive uptick in abuse of free compute minutes available on GitLab.com to mine cryptocurrencies - which creates intermittent performance issues for GitLab.com users. To discourage such abuse, credit/debit card details are required if you choose to use GitLab.com shared runners. Credit/debit card details are not required if you bring your own runner or disable shared runners. When you provide the card, it will be verified with a one-dollar authorization transaction. No charge will be made and no money will transfer. Learn more [here](/blog/2021/05/17/prevent-crypto-mining-abuse/)
[](/sales/#why-do-i-need-to-enter-credit-debit-card-details-for-free-compute-minutes)
Is there a different compute minutes limit for public projects?
Yes. Public projects created after 2021-07-17 will have an allocation of [compute minutes](https://docs.gitlab.com/ee/subscriptions/gitlab_com/index.html#ci-pipeline-minutes)
as follows: Free tier - 50,000 minutes, Premium tier - 1,250,000 minutes, Ultimate tier - 6,250,000.
[](/sales/#is-there-a-different-compute-minutes-limit-for-public-projects)
Ready to get started?
---------------------
See what your team can do with the most comprehensive AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/)
---
# Value Stream Management | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Optimize software delivery processes & performance
==================================================
Value Stream Management
-----------------------
GitLab empowers teams with metrics and insights to ship better software faster.
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Questions? Contact us](/sales/)

Trusted By:
-----------
[](/customers/hilti/)
[](/customers/airbus/)
[](/customers/hemmersbach)
[](/customers/fullsave/)
[](/customers/zoopla/)
* [Overview](#overview)
* [Capabilities](#capabilities)
* [Customers](#customers)
* [Pricing](#pricing)
* [Resources](#resources)

Focus on delivering customer value
--------------------------------------
###
Break down organizational silos
One platform to drive your organization’s business outcomes
[Learn more](/platform/)
###
Gain actionable insights
Drive continuous improvement with visibility across your entire software delivery process.
[Learn more about Analytics & Insights](https://about.gitlab.com/solutions/analytics-and-insights/)
###
Optimize workflows
Get a unified view of your DevSecOps metrics to resolve process bottlenecks and achieve business goals faster.
[Learn more about digital transformation](https://about.gitlab.com/solutions/digital-transformation/)
Continuous monitoring. Continuous improvement
---------------------------------------------
### Value Streams Dashboard
Track key metrics throughout the software development lifecycle, assess the impact of process improvements, and drill down into roadblocks. Compare best practices across teams to improve workflow and deliver customer value faster.
[Learn more](https://docs.gitlab.com/ee/user/analytics/value_streams_dashboard.html)
### DORA4 metrics
Collect actionable out-of-the-box DORA metrics to benchmark your engineering teams, improve DevOps efficiency and communicate software delivery performance updates to business stakeholders.
[Learn more](https://about.gitlab.com/solutions/value-stream-management/dora/)
### Value Stream Analytics
Visualize flow and lifecycle metrics across DevSecOps workstreams to identify inefficiencies and opportunities for workflow improvements.
[Learn more](https://docs.gitlab.com/ee/user/group/value_stream_analytics/index.html)
### Value Stream Forecasting
GitLab Duo, our suite of AI capabilities provides value stream forecasting that predicts your productivity metrics to identify potential areas for future improvement and improve planning and decision-making.
[Learn more](/gitlab-duo/)
#### Optimize your workflow for faster value delivery
Try an interactive demo on how to detect work items that are slowing down delivery across projects

Launch demo

12X faster deployment time "Deployment times have decreased from an average of three hours to just 15 minutes with GitLab."
Daniel Widerin Head of Software Delivery, Hilti
[Learn more](/customers/hilti/)
Which tier is right for you?
----------------------------
[Which tier is right for you?](/pricing/)
### Free
Essential features for individual users
* Project Level Value Stream Analytics
[Learn more](/pricing/)
### Premium
Enhance team productivity and coordination
* Issue Analytics
* Group Level Value Stream Analytics
* Contribution Analytics
* Productivity Analytics
* Code Review Analytics
[Learn more](/pricing/)
### Ultimate
Organization-wide security, compliance, and planning
* Value Streams Dashboard with Lifecycle, DORA4, merge request, and vulnerability metrics
* Insights - Value Stream Management
* DORA4 Metrics
* Custom DORA reporting
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Learn more](/pricing/)
Related Resources
-----------------
[Analyst Report\
\
 \
\
### GitLab named a Leader in the Gartner® Magic Quadrant™ for DevOps Platforms\
\
Learn more](/gartner-magic-quadrant/)
[Blog\
\
 \
\
### Value stream management: Total Time Chart simplifies top-down optimization flow\
\
Learn more](https://about.gitlab.com/blog/2023/06/01/value-stream-total-time-chart/)
[Blog\
\
 \
\
### GitLab's 3 steps to optimizing software value streams\
\
Learn more](https://about.gitlab.com/blog/2023/06/26/three-steps-to-optimize-software-value-streams/)
Video

### Value Streams Dashboard
Learn more
Video

### DORA metrics in GitLab One DevOps Platform
Watch now
[Download\
\
 \
\
### GitLab Value Stream Workshop\
\
Know more](https://assets.ctfassets.net/xz1dnu24egyd/7yAsrBSOaqhAuDuYCtSkZY/368dca68c3b845816b73fe844d1352a0/Value_Stream_Assessment_1-Pager.pdf)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Get started with GitLab | GitLab
[\
\
AI-driven DevSecOps.\
\
New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
Get Started with GitLab
===========================
New to GitLab and not sure where to start? We'll walk you through the basics so you know what to expect along the way.
[Start your free trial](https://gitlab.com/-/trials/new?glm_content=default-saas-trial&glm_source=about.gitlab.com%2Fplatform/)
[Watch a demo](/demo/)

Quick setup checklists
----------------------
### Put your business first
* [For Small Business](/get-started/small-business/)
* [For Enterprise](/get-started/enterprise/)
* [For building your business case](/get-started/build-business-case/)
* [Why GitLab](/why-gitlab/)
### Get the most from GitLab
* [For scaling your GitLab usage](https://docs.gitlab.com/ee/development/scalability)
* [Get Started with Continuous Integration](/get-started/continuous-integration/)
* [For setting up security and compliance](/solutions/continuous-software-security-assurance/)
* [For installing newer versions](https://docs.gitlab.com/ee/update/)
* [For up-tiering](/pricing/)
* [For using more capabilities](/features/)
### Make a seamless transition
* [For transitioning from GitHub](https://docs.gitlab.com/ee/user/project/import/github.html)
* [For importing your project issues from Jira](https://docs.gitlab.com/ee/user/project/import/jira.html)
* [For migrating other projects to GitLab](https://docs.gitlab.com/ee/user/project/import/)

[#### GitLab Docs\
\
Documentation for GitLab Community Edition, GitLab Enterprise Edition, Omnibus GitLab, and GitLab Runner.\
\
Visit Docs](https://docs.gitlab.com/)
[#### Developer Portal\
\
Documentation for contributors to the GitLab Project -- information about our codebase, APIs, webhooks, design system, UI framework, and more!\
\
See Developer Portal](https://developer.gitlab.com/)
[#### Blog\
\
Visit the GitLab blog to learn about releases, applications, contributions, news, events, and more.\
\
Read the Blog](/blog/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/)
[Talk to sales](/sales/)
---
# Why GitLab? | GitLab
[\
\
AI-driven DevSecOps.\
\
New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
10 reasons why
enterprises choose GitLab
=========================
GitLab is the most comprehensive AI-powered DevSecOps platform.
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=localhost/why-gitlab&glm_content=default-saas-trial/)

Jump to a section
01
--
### 7x faster cycle time
GitLab helps companies manage the growing complexities of developing, securing, and deploying software. By reducing toolchain sprawl, teams on GitLab spend less time maintaining tools — equaling 7x faster cycles, better developer productivity, reduced software spend, and more time to focus on the features that set your business apart.

We were spending too much time and budget procuring and supporting our toolchain, which had grown to 12 tools. We needed to minimize toolchain maintenance and support as much as possible so our teams could focus on actually creating new feature delivery and not just taking care of all these different tools. Indirectly, it's a benefit for the whole business. That's what it's all about, really — how to be as efficient as possible to get features out to customers.”
Mark Portofe, Director of Platform Engineering, CARFAX
[Learn more](/customers/carfax/)
02
--
### Integrated AI across the software development lifecycle
Boost efficiency and reduce cycle times with the help of AI throughout the entire software development lifecycle. Our AI-powered workflows, GitLab Duo, support teams at every stage from coding and testing to security, documentation, and governance.
2023 Global DevSecOps Report
AI should help developers accomplish all of their software development and deployment tasks, not just create faster code. While a quarter of developer's time is spent coding, fully 75% is spent on all other tasks like testing, securing, and analyzing software.
\- The State of AI in Software Development
[Learn more](/developer-survey/)
03
--
### Privacy-first AI, with the right model for the right use case
AI can be complex. At GitLab, our approach is straightforward: your code remains your code, unused for training or fine tuning of our own models. Code Suggestions do not use customer code, and since GitLab isn't commercially tied to any LLM provider, we match the right model based on your use case. Easily choose what works for you, or change when a model no longer aligns to your business or technology strategy.
2023 Global DevSecOps Report
Privacy matters. 95% of executive respondents said privacy and protection of intellectual property are important when evaluating an AI tool or feature. 79% of respondents said they are concerned about AI tools having access to private information or intellectual property.
\- The State of AI in Software Development
[Learn more](/developer-survey/)
04
--
### Security automation and governance at every step
GitLab enables security at scale, offering platform-wide governance to secure the software supply chain. GitLab's automated guardrails ensures security in the production environment. GitLab's security features allow customers to set granular policies and rules that automate compliance, enabling you to secure the software supply chain. Our security automation allows your developers to minimize manual repetitive tasks so they can focus on deep, value generating work. Our governance guardrails also assure the security team that developers are following best practices across the entire company.

HackerOne's engineering team saved four to five hours a day per engineer by consolidating the work previously spent on deployment testing.
[Read more](/customers/hackerone/)

Dunelm needed a platform that could build pipelines seamlessly, and had security built in from the onset. By using GitLab to improve security processes throughout the software development lifecycle, Dunelm accelerated deployments by 7 times.
[Learn more](/customers/dunelm/)
05
--
### End-to-end compliance and auditability
Security-specific tools that aren't used consistently fail to protect organizations and their customers. GitLab's comprehensive governance solution enforces requirements across all projects, separating developer and security/compliance teams. Using our policy editor, you can customize approval rules to meet your business' compliance needs and reduce risk.

Compliance is a critical issue for Lockheed Martin. Using GitLab's compliance framework to enforce software quality and automation to make releases and dependency management more efficient has led to 80x faster pipeline builds, with 90% less time spent on system maintenance.
[Learn more](/customers/lockheed-martin/)
06
--
### Flexible deployment
Modern enterprises need deployment flexibility — especially organizations with complex security, compliance, and regulatory requirements. Choose from on-premises, multi-tenant SaaS, or [GitLab Dedicated](/dedicated/)
, our fully managed single-tenant SaaS solution. With Dedicated, we'll handle the management and deployment of your DevSecOps platform, saving operational costs while bringing you the control and compliance of self-hosted. Also included: full data and source code isolation, data residence, and private networking.

NatWest Group is adopting GitLab Dedicated to enable our engineers to use a common cloud engineering platform; delivering new customer outcomes rapidly, frequently and securely with high quality, automated testing, on demand infrastructure and straight-through deployment. This will significantly enhance collaboration, improve developer productivity and unleash creativity via a 'single-pane-of-glass' for software development.”
Adam Leggett, Platform Lead - Engineering Platforms, NatWest Group
07
--
### End-to-end metrics and visibility across the software delivery lifecycle
The key to creating value stream-driven software development? Metrics. This approach leverages people, process, and technology to go from idea to customer value with the fastest cycle time possible. With one unified data store, teams on GitLab can measure efficiency, productivity, and other key metrics in one place. Get a holistic view of everything from DevOps adoption to developer productivity, vulnerability detection, software quality, innovation, and more.

The team at Chorus credits GitLab for helping them improve their feature cycle analytics. By having test results, security reviews, performance tests, the code climate, and everything in the merge requests, Chorus has been able to move quickly.
[Learn more](/customers/chorus/)
08
--
### Built-in Enterprise Agile Delivery
Organizations need software and product planning to be integrated with the rest of the development lifecycle versus treated like a siloed activity. GitLab's Enterprise Agile Delivery is built into the same DevSecOps platform that development, security, and operations teams use to develop and deploy software, creating a more efficient experience and improving time to market.

Iron Mountain sees GitLab as an important part of Enterprise Architecture and Platforms' enablement of agile methods and helpful to the company's evolution to DevOps. GitLab Ultimate SaaS does the maintenance, so developers can focus on development, reducing 20 hours of onboarding time per project and around $150,000 in cost savings per year.
GitLab has provided us with the foundation and platform to enable our scaled agile framework. We are able to collaborate within our Enterprise IT teams and our key stakeholders.”
Hayelom Tadesse, Vice President of Enterprise Technology, Iron Mountain
[Learn more](/customers/iron-mountain/)
09
--
### A multi-cloud strategy with no vendor lock-in
Choosing a DevSecOps platform should mean choosing the clouds that fit your business and technology strategy. Since GitLab isn't commercially tied to any specific cloud provider, you can de-risk your multi-cloud strategy and avoid being locked into a single vendor.

With GitLab, Bendigo and Adelaide Bank has embraced cloud technology and has automated manual processes. In migrating to GitLab, the team moved 1,500 projects, over 30 organizations, 500 users, and 50GB of data in less than four weeks.
GitLab helps us with multi-cloud deployments. We can deploy runners in any infrastructure, and we're currently using them to deploy to AWS and GCP. Deploying to the cloud has been simple, and in the year we've been using GitLab, we're in a good position to meet our goal of moving to the cloud.”
Caio Trevisan, Head of DevOps Enablement, Bendigo and Adelaide Bank
[Learn more](/customers/bab/)
010
---
### An open core DevSecOps platform that you can make your own
Better collaboration, faster innovation. Customize your DevSecOps platform with GitLab's open core, empowering you to build a solution that truly meets your needs — while shaping the future of our roadmap and DevSecOps.

In an open source model, every time there was a gap, or an issue, or something we just needed your help with, we could reach out to GitLab and say, 'Can we work on this together? Is there a way to improve this?' That's the value, and that's one of the reasons we went with GitLab.”
Rick Carey, Group Chief Technology Officer, UBS
[Learn more](/blog/2021/08/04/ubs-gitlab-devops-platform/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/)
[Talk to sales](/sales/)
---
# GitLab Duo | GitLab
[\
\
AI-driven DevSecOps.\
\
New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[GitLab Duo Enterprise is now available. Ship more secure software faster with AI throughout the entire SDLC.](/solutions/gitlab-duo-pro/sales/)

Ship more secure software faster with AI throughout the entire software development lifecycle
=============================================================================================
[Get Started](/solutions/gitlab-duo-pro/sales/)
AI across the software development lifecycle
--------------------------------------------
From planning and coding to securing and deploying, Duo is the only AI solution that supports developers at every stage of their workflow.
------------------------------------------------------------------------------------------------------------------------------------------
AI that is privacy-first
With GitLab Duo, you control which users, projects, and groups can use AI-powered capabilities. Also, your organization’s proprietary code and data aren’t used to train AI models.
Improved developer experience
Give your developers a single platform that integrates the best AI model for each use case across the entire workflow, from understanding code to fixing security vulnerabilities.
Committed to transparent AI
For organizations and teams to trust AI, it must be transparent. GitLab’s [AI Transparency Center](/ai-transparency-center/)
details how we uphold ethics and transparency in our AI-powered features.
Code
Boost productivity with smart code assistance
---------------------------------------------
Write secure code faster with AI-powered suggestions in over 20 languages, available in your favorite IDE. Automate routine tasks and accelerate development cycles.
Search
Your AI companion throughout development
----------------------------------------
Get real-time guidance across the entire software development lifecycle. Generate tests, explain code, refactor efficiently, and chat directly in your IDE or web interface.
Troubleshoot
Quickly resolve CI/CD pipeline issues
-------------------------------------
Save time troubleshooting with AI-assisted root cause analysis for CI/CD job failures. Get suggested fixes and focus on critical tasks.
Secure
Fortify your code with AI-powered security
------------------------------------------
Understand and remediate vulnerabilities more efficiently. Get detailed explanations and auto-generated merge requests to mitigate security risks.
Measure
Measure the ROI of your AI investment
-------------------------------------
Track AI effectiveness in real-time. See concrete improvements in cycle times and deployment frequencies, quantifying your return on investment.


### GitLab named a Leader in the 2024 Gartner® Magic Quadrant™ for AI Code Assistants
[Read the report](/gartner-mq-ai-code-assistants/)
AI-powered features across the software development lifecycle
-------------------------------------------------------------
[### Chat\
\
Processes and generates text and code in a conversational manner. Helps you quickly identify useful information in large volumes of text in issues, epics, code, and GitLab documentation.\
\
Read More](https://docs.gitlab.com/ee/user/gitlab_duo_chat/index.html)
[### Code Explanation\
\
Helps you understand code by explaining it in natural language.\
\
Read More](https://docs.gitlab.com/ee/user/gitlab_duo/index.html/#code-explanation)
[### Code Suggestions\
\
Helps developers write secure code more efficiently and accelerate cycle times by taking care of repetitive, routine coding tasks.\
\
Read More](https://docs.gitlab.com/ee/user/project/repository/code_suggestions/index.html)
[### GitLab Duo for the CLI\
\
Discover or recall Git commands when and where you need them.\
\
Read More](https://docs.gitlab.com/ee/editor_extensions/gitlab_cli/index.html/#gitlab-duo-commands)
[### Test Generation\
\
Automates repetitive tasks and helps catch bugs early.\
\
Read More](https://docs.gitlab.com/ee/user/gitlab_duo/#test-generation)
An Ultimate license will allow for testing certain capabilities listed as Experiments or in Beta subject to the [GitLab Testing Agreement](https://handbook.gitlab.com/handbook/legal/testing-agreement/)
. Once an AI feature moves from Beta to General Availability, customers with either a Premium or Ultimate license may continue to use the GitLab Duo capabilities by purchasing the GitLab Duo Pro or GitLab Duo Enterprise add-on.
What's next
### Meet GitLab Duo Workflow
The future of secure agentic AI software development. GitLab Duo Workflow is an autonomous AI agent that lives right where you code—helping turn development tasks into streamlined workflows with the power of GitLab's comprehensive DevSecOps platform.
[Read the blog post](/blog/2025/02/24/gitlab-duo-workflow-enterprise-visibility-and-control-for-agentic-ai/)

Pricing
-------
GitLab Duo
### Pro[](#pro)
For developers that want to focus on innovation and deliver high-quality software
$19
per user/month,
billed annually
[Get Started](/solutions/gitlab-duo-pro/sales/)
Features include:
Organizational User Controls
* User permissions for AI capabilities
Code Suggestions
* Code generation
* Code completion
* Available in many popular IDEs and supports over 20 programming languages
Chat
* Code explanation
* Test generation
* Code refactoring
Available for Ultimate and Premium customers.
New
GitLab Duo
### Enterprise[](#enterprise)
For organizations that want AI throughout the software development lifecycle
Contact sales for pricing
[Get Started](/solutions/gitlab-duo-pro/sales/?type=contact-sales/)
Everything from GitLab Duo Pro, plus:
Summarization and Templating tools
* Discussion summary
* Merge request summary
* Code review summary
Security and Vulnerability tools
* Vulnerability explanation
* Vulnerability resolution
Advanced Chat with
* Merge Request context
* Issue and Epic context
Advanced Troubleshooting
* Root Cause Analysis
AI Analytics
* AI Impact and Productivity Reporting
Personalize GitLab Duo
* GitLab Duo Self-Hosted (optional)
* Model Personalization\*
\*Planned. Additional terms and fees may apply.
Available for Ultimate customers.
Frequently Asked Questions
--------------------------
Show All
What programming languages are supported in Code Suggestions?
The best results from Code Suggestions are expected for languages the [Google Vertex AI Codey APIs](https://cloud.google.com/vertex-ai/generative-ai/docs/code/code-models-overview#supported_coding_languages)
directly support: C++, C#, Go, Google SQL, Java, JavaScript, Kotlin, PHP, Python, Ruby, Rust, Scala, Swift, and TypeScript.
What language models does GitLab Duo use?
Our abstraction layer allows us to power AI capabilities with the suitable model for the right use case. Explore the language models used for each GitLab Duo feature [here.](https://docs.gitlab.com/ee/user/project/repository/code_suggestions/supported_extensions.html)
Will my code be used for training AI models?
GitLab does not train generative AI models based on private (non-public) data. The vendors we work with also do not train models based on private data. [Learn more here](https://docs.gitlab.com/ee/user/gitlab_duo/data_usage.html#training-data)
.
Is GitLab Duo open core?
Yes. GitLab has an open core business model that enables us to build with our customers, who can contribute new capabilities to our product.
How can I use outputs generated by GitLab Duo?
Output generated by GitLab Duo can be used at your discretion and, if a third-party claim arises from your use of the output generated by GitLab Duo, GitLab will step in and defend you.
How do customers control which users can access GitLab Duo Pro features?
Organizational Controls allows Admins to assign license seats to specific users via a new admin UI. Code Suggestions can be enabled or disabled by the user directly in the IDE extension settings. Experimental/Beta AI Features such as Chat are controlled with a Top-level group setting. [Learn more here](https://docs.gitlab.com/ee/user/gitlab_duo/index.html#experimental-features)
.
Is GitLab Duo Pro available on non-connected/limited connectivity GitLab instances?
No, Code Suggestions and Chat require Internet connectivity and Cloud Licensing for self-managed customers to access.
When providing the prompt in a comment (in the source file), can the prompt be in a language other than English?
We don't intentionally restrict natural language, however we do expect English will provide the best results. From experimentation, writing the prompt in a language other than English provides a code suggestion tailored to that language (respecting the specific language syntax and reserved keywords).
How is Code Suggestions ensuring IP protection and Data privacy?
Read all about Code Suggestions Data privacy and IP protection [here](https://docs.gitlab.com/ee/user/gitlab_duo/data_usage.html#data-privacy)
. Usage of Code Suggestions and Chat is governed by the [GitLab Testing Agreement](https://about.gitlab.com/handbook/legal/testing-agreement/)
while it is still free to use and while Chat is still in Beta. Learn about [data usage when using Code Suggestions here](https://docs.gitlab.com/ee/user/gitlab_duo/data_usage.html)
and [Chat data usage here.](https://docs.gitlab.com/ee/user/gitlab_duo/data_usage.html)
[Video\
\
\
\
### Meet GitLab Duo\
\
Watch now](https://player.vimeo.com/video/855805049?title=0&byline=0&portrait=0&badge=0&autopause=0&player_id=0&app_id=58479/)
[Video\
\
\
\
### Code Suggestions\
\
Watch now](https://player.vimeo.com/video/894621401?badge=0&autopause=0&player_id=0&app_id=58479/)
[Video\
\
\
\
### Chat\
\
Watch now](https://player.vimeo.com/video/927753737?badge=0&autopause=0&player_id=0&app_id=58479/)
[Video\
\
\
\
### Code Review Summary\
\
Watch now](https://player.vimeo.com/video/929891003?badge=0&autopause=0&player_id=0&app_id=58479/)
[Video\
\
\
\
### Discussion Summary\
\
Watch now](https://player.vimeo.com/video/928501915?badge=0&autopause=0&player_id=0&app_id=58479/)
[Video\
\
\
\
### Vulnerability Explanation\
\
Watch now](https://player.vimeo.com/video/930066123?badge=0&autopause=0&player_id=0&app_id=58479/)
[Video\
\
\
\
### Code Explanation\
\
Watch now](https://player.vimeo.com/video/930066090?badge=0&autopause=0&player_id=0&app_id=58479/)
[Video\
\
\
\
### Suggested Reviewers\
\
Watch now](https://player.vimeo.com/video/930066108?badge=0&autopause=0&player_id=0&app_id=58479/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/)
[Talk to sales](/sales/)
---
# Automated Software Delivery with GitLab | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Automated software delivery
===========================
Build, test, package, and deploy secure software in a fraction of the time. Again and again.
[Contact sales](/sales/)
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)

Trusted By
----------
[](/blog/2021/08/04/ubs-gitlab-devops-platform/)
[](https://about.gitlab.com/customers/hackerone/)
[](/customers/thezebra/)
[](/customers/hilti/)
[](/customers/conversica/)
[](/customers/bab/)
[](/customers/glympse/)

Deliver better products faster
----------------------------------
GitLab automates the building, testing, packaging, and deploying of secure code from code commit to production. This means better code, faster releases, fewer bugs, and more time spent on new, innovative features.
### Supercharge developer productivity and developer experience
Minimize manual repetitive tasks and context-switching, so developers can focus on work that delivers value to the business.
[Learn more](/platform/)
### Increase visibility and transparency
With our unified platform, you’ll have a single source of truth to track not just your CI/CD pipeline, but all metrics you need for continuous growth and improvement.
[Learn more](/solutions/visibility-measurement/)
### Standardize your processes
Use a common set of tools across teams and lifecycle stages, without dependencies on third-party plugins or APIs to disrupt your workflow.
### Scale your CI/CD pipelines with ease
With built-in or custom CI/CD pipeline templates, you can automatically scan your code to create and run pipelines to build, test, package, and deploy your application — all tailored to fit your evolving needs as a growing organization.
[Learn more](/solutions/continuous-integration/)
### Protect your code with security built-in
Shift security left and even integrate security testing and compliance checks at code commit. The results are shared in the same merge request, allowing developers to easily identify, isolate, and fix code faults before they reach production.
[Learn more](/solutions/security-compliance/)
### Power it all with AI
GitLab delivers CI/CD as a single platform, with integrated generative AI at every stage of the software development lifecycle, including suggested code reviewers, security vulnerability explanations, value stream forecasts, and more.
[Learn more](/gitlab-duo/#features)
Your fast-track to product innovation

Source code management
### Software development that’s iterative, tested, and always releasing
[Learn more](/solutions/source-code-management/)
Collaborate and accelerate, all in one place
With asset version control, tight feedback loops, and powerful branching patterns, it’s simple for your developers to solve problems and ship value, fast.
Institute reliable, scalable governance for your source code
Guarantee quality and standards for all your projects by mandating a set number of necessary merge approvals and suggested reviewers with built-in code review. With these guardrails in place, you’ll feel confident about code quality as your organization scales.
Continuous integration & continuous delivery
### Make secure software delivery repeatable and scalable
[Learn more](/solutions/continuous-integration/)
Integrate security into your CI pipelines
GitLab’s industry leading CI capabilities enable automated testing, Static Analysis Security Testing, Dynamic Analysis Security Testing, and code quality analysis to provide fast feedback to developers and testers about the quality of their code.
Leverage simple, scalable CI/CD
You can run your CI/CD jobs on GitLab.com and GitLab Dedicated using GitLab-hosted runners to seamlessly build, test and deploy your application in your own environment.
Dynamic AI-driven development
### Accelerate your time to market without sacrificing security
[Learn more](/gitlab-duo/#features)
Increase developer speed and efficiency
With GitLab Duo, developers can automate repetitive tasks, get code explanations and suggestions, improve code quality, and get answers to questions right in the IDE.
Harness AI beyond code creation
Developers can also use GitLab Duo to understand and remediate security vulnerabilities, triage pipeline failures, and more to ensure their security efforts are matching the pace of their productivity.

"By switching to GitLab and automating deployment, teams have moved from monthly or weekly deliveries to daily or multiple daily deliveries."
Alan Hohn Director of Software Strategy, Lockheed Martin
[Read the case study](/customers/lockheed-martin/)
80% faster CI pipeline builds
90% less time spent on system maintenance
Explore all automated software delivery features
------------------------------------------------
##### Release better quality code, more often, with minimal manual intervention.
* [Remote Development](#remote-development)
* [Web IDE](#web-ide)
* [GitLab CLI](#gitlab-cli)
* [Code Review Workflow](#code-review-workflow)
* [Code Suggestions](#code-suggestions)
* [Code Explanation](#code-explanation)
* [Code Review Summary](#code-review-summary)
* [Test Generation](#test-generation)
* [Secrets Management](#secrets-management)
* [Review Apps](#review-apps)
* [Code Testing and Coverage](#code-testing-and-coverage)
* [Merge Trains](#merge-trains)
* [Suggested Reviewers](#suggested-reviewers)
* [Merge Requests](#merge-requests)
* [Root Cause Analysis](#root-cause-analysis)
* [Discussion Summary](#discussion-summary)
* [Virtual Registry](#virtual-registry)
* [Container Registry](#container-registry)
* [Helm Chart Registry](#helm-chart-registry)
* [Package Registry](#package-registry)
* [Model Registry](#model-registry)
* [Release Orchestration](#release-orchestration)
* [Infrastructure as Code](#infrastructure-as-code)
* [Feature Flags](#feature-flags)
* [Environment Management](#environment-management)
* [Deployment Management](#deployment-management)
* [Auto DevOps](#auto-devops)
* [CI/CD components](#cicd-components)
#### Remote Development[](#remote-development)
User Management provides tools to administer users and their attributes. From GitLab you can provision users, configure access control, manage user settings, and review user attributes.
[Create preconfigured remote development workspaces on-demand](https://docs.gitlab.com/ee/user/project/remote_development/)
[Enable Remote Development in GitLab Agent for Kubernetes](https://docs.gitlab.com/ee/user/project/remote_development/)
[Automatically clone public projects into a workspace](https://docs.gitlab.com/ee/user/project/remote_development/)
[Define a reproducible development environment in a devfile](https://docs.gitlab.com/ee/user/workspace/#devfile)
#### Web IDE[](#web-ide)
Contribute easily right from the browser with everything you need using a full featured Integrated Development Environment (IDE). GitLab Duo, our AI-powered suite of features, is accessible in the Web IDE.
[Web IDE](https://docs.gitlab.com/ee/user/project/web_ide/)
[EditorConfig in the Web IDE](https://docs.gitlab.com/ee/user/project/web_ide/index.html#configure-the-web-ide)
[Paste images in Markdown in the Web IDE](https://docs.gitlab.com/ee/user/project/web_ide/index.html#markdown-editing)
[Launch Gitpod Workspaces directly from GitLab](https://docs.gitlab.com/ee/integration/gitpod.html)
[Code Suggestions in GitLab Web IDE](https://docs.gitlab.com/ee/user/project/repository/code_suggestions/)
[Code explanation in GitLab Duo Chat, available in the Web IDE](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#explain-code-in-the-ide)
[Code refactoring in GitLab Duo Chat, available in the Web IDE](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#refactor-code-in-the-ide)
[Test generation in GitLab Duo Chat, available in the Web IDE](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#write-tests-in-the-ide)
#### GitLab CLI[](#gitlab-cli)
The GitLab Command Line Interface (CLI) is an unified tool that allows you to manage and interact with GitLab directly from the command line.
[GitLab CLI - \`glab\`](https://docs.gitlab.com/ee/editor_extensions/gitlab_cli/)
#### Code Review Workflow[](#code-review-workflow)
Review code, discuss changes, share knowledge, and identify defects in code among distributed teams via asynchronous commenting and review. Automate, track and report code reviews, and identify workflow improvements with code review analytics.
[Description Templates](https://docs.gitlab.com/ee/user/project/description_templates.html)
[Check Lists](https://docs.gitlab.com/ee/user/markdown.html#task-lists)
[File Attachments](https://docs.gitlab.com/ee/development/file_storage.html)
[Emoji reactions](https://docs.gitlab.com/ee/user/award_emojis.html)
[GitLab Flavored Markdown](https://docs.gitlab.com/ee/user/markdown.html)
[Threaded Discussions](https://docs.gitlab.com/ee/user/discussions/)
[Filterable System Activity](https://docs.gitlab.com/ee/user/discussions/)
[Track Title Changes](https://docs.gitlab.com/ee/user/discussions/)
[Assignee](https://docs.gitlab.com/ee/user/project/issues/managing_issues.html#assignee)
[Lock Discussion](https://docs.gitlab.com/ee/user/discussions/#prevent-comments-by-locking-the-discussion)
[Bulk Edit Merge Requests](https://docs.gitlab.com/ee/user/project/issues/managing_issues.html)
[Quick Actions](https://docs.gitlab.com/ee/user/project/quick_actions.html)
[Custom Notifications](https://docs.gitlab.com/ee/user/profile/notifications.html)
[To-Do List](https://docs.gitlab.com/ee/user/todos.html)
[Jira Integration](/solutions/jira/)
[Jira Issues Integration](https://docs.gitlab.com/ee/integration/jira/)
[Jira Development Panel Integration](https://docs.gitlab.com/ee/integration/jira/#jira-development-panel)
[Track Description Changes](https://docs.gitlab.com/ee/user/discussions/index.html#view-description-change-history)
[Track Comment Changes](https://gitlab.com/gitlab-org/gitlab/issues/3706)
[Drag and Drop Tasks](https://gitlab.com/gitlab-org/gitlab-foss/issues/18003)
[Rich Object Summary on Link Hover](https://gitlab.com/groups/gitlab-org/-/epics/333)
[Create GitLab Merge Request from Jira Development Panel](https://gitlab.com/gitlab-org/gitlab/issues/2650)
[Multiple approvers in code review](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/rules.html)
[Approval rules for code review](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/rules.html)
[Optional Merge Request Approvals](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/rules.html)
[Code Owners](https://docs.gitlab.com/ee/user/project/codeowners/)
[Suggest changes to merge requests](https://docs.gitlab.com/ee/user/discussions/index.html#suggest-changes)
[Multi-line diff comments](https://docs.gitlab.com/ee/user/discussions/)
[Image Discussions](https://docs.gitlab.com/ee/user/discussions/#image-threads)
[Merge Request Commit Discussions](https://docs.gitlab.com/ee/user/discussions/#commit-discussions)
[Create merge request from email](https://docs.gitlab.com/ee/user/project/merge_requests/creating_merge_requests.html#new-merge-request-by-email)
[First time contributor badge](/community/contribute/)
[Cleaner diffs for Jupyter Notebook files](https://docs.gitlab.com/ee/user/project/repository/jupyter_notebooks/#cleaner-diffs)
[Comment Templates](https://docs.gitlab.com/ee/user/profile/comment_templates.html)
[Display merge request status for builds on Jenkins CI](https://docs.gitlab.com/ee/integration/jenkins.html)
[Merge Requests](https://docs.gitlab.com/ee/user/project/merge_requests/)
[Merge conflict resolution](https://docs.gitlab.com/ee/user/project/merge_requests/conflicts.html)
[Auto-merge](https://docs.gitlab.com/ee/user/project/merge_requests/auto_merge.html)
[Revert specific commits or a merge request from the UI](https://docs.gitlab.com/ee/user/project/merge_requests/revert_changes.html)
[Merge request versions](https://docs.gitlab.com/ee/user/project/merge_requests/versions.html)
[Inline commenting and discussion resolution](https://docs.gitlab.com/ee/user/discussions/#resolvable-discussions)
[Ability to edit all fields of a merge request](https://docs.gitlab.com/ee/user/project/merge_requests/)
[Automatically close issue(s) when a merge request is merged](https://docs.gitlab.com/ee/user/project/issues/managing_issues.html#closing-issues-automatically)
[Configurable issue closing pattern](https://docs.gitlab.com/ee/administration/issue_closing_pattern.html)
[Draft merge requests](https://docs.gitlab.com/ee/user/project/merge_requests/drafts.html)
[Inline code coverage in merge request diff](https://docs.gitlab.com/ee/ci/testing/test_coverage_visualization.html)
[Merge request reviews](https://docs.gitlab.com/ee/user/project/merge_requests/reviews/)
[Code review dashboards](https://about.gitlab.com/blog/2017/03/17/demo-mastering-code-review-with-gitlab/)
[Contributor agreements](https://gitlab.com/gitlab-org/gitlab/-/issues/15899)
[Robot comments](https://docs.gitlab.com/ee/user/project/merge_requests/)
[Works with multiple repository types](https://docs.gitlab.com/ee/user/project/import/)
[Merge Request Dependencies](https://docs.gitlab.com/ee/user/project/merge_requests/dependencies.html)
[Code intelligence by Sourcegraph](https://docs.gitlab.com/ee/integration/sourcegraph.html)
[Code intelligence](https://docs.gitlab.com/ee/user/project/code_intelligence.html)
[Merge request reviewers](https://docs.gitlab.com/ee/user/project/merge_requests/reviews/)
[Suggested Reviewers](https://docs.gitlab.com/ee/user/project/merge_requests/reviews/#suggested-reviewers)
#### Code Suggestions[](#code-suggestions)
AI Assistant for proactive coding suggestions and autocompletions
[Inline Code Completion](https://docs.gitlab.com/ee/user/project/repository/code_suggestions/)
[Code Generation](https://docs.gitlab.com/ee/user/project/repository/code_suggestions/)
[Code Suggestions in VS Code](https://docs.gitlab.com/ee/editor_extensions/visual_studio_code/)
[Code Suggestions in JetBrains IDEs](https://docs.gitlab.com/ee/editor_extensions/jetbrains_ide/)
[Code Suggestions in Visual Studio](https://docs.gitlab.com/ee/editor_extensions/visual_studio/)
[Code Suggestions in Neovim](https://docs.gitlab.com/ee/editor_extensions/neovim/)
[Code Suggestions in GitLab Web IDE](https://docs.gitlab.com/ee/user/project/repository/code_suggestions/)
[Code explanation in GitLab Duo Chat, available in the Web IDE](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#explain-code-in-the-ide)
[Code refactoring in GitLab Duo Chat, available in the Web IDE](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#refactor-code-in-the-ide)
[Test generation in GitLab Duo Chat, available in the Web IDE](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#write-tests-in-the-ide)
[Code explanation in GitLab Duo Chat, available in VS Code](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#explain-code-in-the-ide)
[Code refactoring in GitLab Duo Chat, available in VS Code](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#refactor-code-in-the-ide)
[Test generation in GitLab Duo Chat, available in VS Code](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#write-tests-in-the-ide)
[Code explanation in GitLab Duo Chat, available in JetBrains IDEs](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#explain-code-in-the-ide)
[Code refactoring in GitLab Duo Chat, available in JetBrains IDEs](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#refactor-code-in-the-ide)
[Test generation in GitLab Duo Chat, available in JetBrains IDEs](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#write-tests-in-the-ide)
[Code explanation in GitLab Duo Chat, available on the repository file page](https://docs.gitlab.com/ee/user/gitlab_duo_chat/examples.html#explain-code-in-the-ide)
[View Multiple Code Suggestions](https://docs.gitlab.com/ee/user/project/repository/code_suggestions/supported_extensions.html#view-multiple-code-suggestions)
#### Code Explanation[](#code-explanation)
Helps you understand code by explaining it in natural language.
[Code Explanation](https://docs.gitlab.com/ee/user/gitlab_duo/index.html#code-explanation-in-the-ide)
#### Code Review Summary[](#code-review-summary)
Helps merge request handoff between authors and reviewers and helps reviewers efficiently understand suggestions.
[Code Review Summary](https://docs.gitlab.com/ee/user/gitlab_duo/index.html#code-review-summary)
#### Test Generation[](#test-generation)
Automates repetitive tasks and helps catch bugs early.
[Test Generation](https://docs.gitlab.com/ee/user/gitlab_duo/index.html#test-generation)
#### Secrets Management[](#secrets-management)
Secure and protect access to secrets, such as API keys and passwords, to ensure that sensitive data is protected throughout your development process.
[Protected variables](https://docs.gitlab.com/ee/ci/variables/#protected-variables)
[GitLab-managed App for HashiCorp Vault](https://docs.gitlab.com/ee/user/infrastructure/clusters/manage/management_project_applications/vault.html)
[HashiCorp Vault Integration](https://docs.gitlab.com/ee/ci/examples/authenticating-with-hashicorp-vault/index.html)
[Secure your CI/CD workflow using OIDC](https://docs.gitlab.com/ee/ci/cloud_services/)
[CI/CD job token](https://docs.gitlab.com/ee/ci/jobs/ci_job_token.html)
#### Review Apps[](#review-apps)
Gain access to a live instance of your application for every commit, allowing you and stakeholders to ensure thorough validation and collaboration before changes are merged into the main codebase.
[Preview your changes with Review Apps](/stages-devops-lifecycle/review-apps/)
[Environments Auto-stop](https://docs.gitlab.com/ee/ci/environments/index.html)
[Automated Accessibility scanning of Review Apps](https://docs.gitlab.com/ee/ci/testing/accessibility_testing.html)
[Comments in Review Apps](https://docs.gitlab.com/ee/ci/review_apps/index.html#visual-reviews)
#### Code Testing and Coverage[](#code-testing-and-coverage)
Code testing and coverage are important parts of a Continuous Integration framework, ensuring that source code is validated by test suites and individual pipeline components perform as expected.
[Show code coverage rate for your pipelines](/blog/2016/11/03/publish-code-coverage-report-with-gitlab-pages/)
[Browser Performance Testing](https://docs.gitlab.com/ee/ci/testing/browser_performance_testing.html)
[Load Performance Testing](https://docs.gitlab.com/ee/ci/testing/load_performance_testing.html)
[Repeat failed test notification](https://docs.gitlab.com/ee/ci/testing/unit_test_reports.html)
[Graph Code coverage changes over time](https://docs.gitlab.com/ee/ci/pipelines/settings.html#code-coverage-history)
[Group Code Coverage Data](https://docs.gitlab.com/ee/user/group/#repositories-analytics)
[Unit Test Report](https://docs.gitlab.com/ee/ci/testing/unit_test_reports.html)
[Failed test screenshots in test report](https://docs.gitlab.com/ee/ci/testing/unit_test_reports.html)
[See unit test summaries in merge request widget](https://docs.gitlab.com/ee/ci/testing/unit_test_reports.html)
#### Merge Trains[](#merge-trains)
Coordinate frequent merge requests and avoid merge conflicts with Merge Trains, preventing code commits from breaking default and main branches.
[Merge request pipelines](https://docs.gitlab.com/ee/ci/pipelines/merge_request_pipelines.html)
[Merged results pipelines](https://docs.gitlab.com/ee/ci/pipelines/merged_results_pipelines.html)
[Merge Trains](https://docs.gitlab.com/ee/ci/pipelines/merge_trains.html)
[Run pipelines in the parent project for MRs from forks](https://docs.gitlab.com/ee/ci/pipelines/merge_request_pipelines.html#use-with-forked-projects)
#### Suggested Reviewers[](#suggested-reviewers)
Create faster and higher-quality reviews by automatically suggesting reviewers for your merge request.
[Suggested Reviewers](https://docs.gitlab.com/ee/user/gitlab_duo/index.html#suggested-reviewers)
#### Merge Requests[](#merge-requests)
Efficiently communicates the impact of your merge request changes.
[Merge Request Summary](https://docs.gitlab.com/ee/user/gitlab_duo/index.html#merge-request-summary)
[Generate a merge commit message](https://docs.gitlab.com/ee/user/project/merge_requests/duo_in_merge_requests.html#generate-a-merge-commit-message)
#### Root Cause Analysis[](#root-cause-analysis)
Assists you in determining the root cause for a pipeline failure and failed CI/CD build.
[Root Cause Analysis](https://docs.gitlab.com/ee/user/gitlab_duo/index.html#root-cause-analysis)
#### Discussion Summary[](#discussion-summary)
Assists with getting everyone up to speed on lengthy conversations to help ensure you are all on the same page.
[Discussion Summary](https://docs.gitlab.com/ee/user/gitlab_duo/index.html#discussion-summary)
#### Virtual Registry[](#virtual-registry)
GitLab offers a Virtual Registry that can be used for your frequently-accessed upstream artifacts.
[Virtual Registry](https://docs.gitlab.com/ee/user/packages/dependency_proxy/)
#### Container Registry[](#container-registry)
An integrated container registry to store container images for each GitLab project. Creating, pushing, and retrieving images works out of the box with GitLab CI/CD.
[Built-in Container Registry](https://docs.gitlab.com/ee/user/packages/container_registry/index.html)
[Built for using containers and Docker](https://docs.gitlab.com/ee/user/packages/container_registry/)
[Docker image support](https://docs.gitlab.com/ee/user/packages/container_registry/index.html)
[Container registry webhooks](https://docs.gitlab.com/ee/administration/packages/container_registry.html#configure-container-registry-notifications)
[Container registry high availability](https://docs.gitlab.com/ee/administration/reference_architectures/index.html)
[Container Registry geographic replication](https://docs.gitlab.com/ee/administration/geo/index.html)
[Supports private container registries](https://docs.gitlab.com/ee/user/packages/container_registry/index.html#using-with-private-projects)
[SaaS container registry offering](https://docs.gitlab.com/ee/user/packages/container_registry/index.html)
[Use container registry through REST API](https://docs.gitlab.com/ee/api/container_registry.html)
[Container registry storage management](https://docs.gitlab.com/ee/administration/packages/container_registry.html#container-registry-garbage-collection)
[Group-level Docker registry browser](https://docs.gitlab.com/ee/user/packages/container_registry/)
[Use search to find and container images](https://docs.gitlab.com/ee/user/packages/container_registry/#control-container-registry-from-within-gitlab)
[Cloud Native](/solutions/kubernetes/)
[Container debugging with an integrated web terminal](https://docs.gitlab.com/ee/ci/environments/index.html#web-terminals)
[Container image cleanup policies](https://docs.gitlab.com/ee/user/packages/container_registry/#cleanup-policy)
[Global Docker registry browser](https://gitlab.com/gitlab-org/gitlab/issues/23315)
#### Helm Chart Registry[](#helm-chart-registry)
An integrated Helm chart registry to store Helm charts for each GitLab project. Building, uploading, and installing Helm charts works out of the box with GitLab. Helm is the package manager for Kubernetes.
[Helm chart repository support](https://docs.gitlab.com/ee/user/packages/helm_repository/)
#### Package Registry[](#package-registry)
Use GitLab as a private or public registry for a variety of supported package managers. You can publish and share packages, which can be consumed as a dependency in downstream projects.
[Package Registry cleanup policies](https://docs.gitlab.com/ee/user/packages/package_registry/reduce_package_registry_storage.html)
[Forward requests for npm packages not found in GitLab to npmjs.com](https://docs.gitlab.com/ee/user/packages/npm_registry/#forwarding-requests-to-npmjsorg)
[Forward requests for Python packages not found in GitLab to PyPI.org](https://docs.gitlab.com/ee/administration/settings/continuous_integration.html#pypi-forwarding)
[Forward requests for Maven packages not found in GitLab to Maven central](https://docs.gitlab.com/ee/administration/settings/continuous_integration.html#maven-forwarding)
[Conan (C/C++) Repository](https://docs.gitlab.com/ee/user/packages/conan_repository/)
[Maven (Java) Repository](https://docs.gitlab.com/ee/user/packages/maven_repository/index.html)
[npm (node) Registry](https://docs.gitlab.com/ee/user/packages/npm_registry/index.html)
[NuGet (.NET) Repository](https://docs.gitlab.com/ee/user/packages/nuget_repository/)
[PyPI (Python) Repository](https://docs.gitlab.com/ee/user/packages/pypi_repository/)
[Terraform Module Registry](https://docs.gitlab.com/ee/user/packages/terraform_module_registry/index.html)
[RPM (Linux) Repository](https://gitlab.com/gitlab-org/gitlab/issues/5932)
[Debian (Linux) Repository](https://gitlab.com/gitlab-org/gitlab/issues/5835)
[RubyGems (Ruby) Repository](https://gitlab.com/gitlab-org/gitlab/issues/803)
[Go Proxy](https://docs.gitlab.com/ee/user/packages/go_proxy/)
[Composer (PHP) Repository](https://docs.gitlab.com/ee/user/packages/composer_repository/)
[Use the Package Registry through REST API](https://docs.gitlab.com/ee/api/packages.html)
[Package debugging with an integrated web terminal](https://docs.gitlab.com/ee/ci/environments/index.html#web-terminals)
[Publish and share package versions](https://docs.gitlab.com/ee/user/packages/)
[Generic Package Registry](https://docs.gitlab.com/ee/user/project/releases/#release-assets)
[Dependency Proxy](https://docs.gitlab.com/ee/user/packages/dependency_proxy/index.html)
#### Model registry[](#model-registry)
Model registry allows data scientists and developers to manage their machine learning models, along with all metadata associated with their creation: parameters, performance metrics, artifacts, logs, and more.
[Model registry](https://docs.gitlab.com/ee/user/project/ml/model_registry/)
#### Release Orchestration[](#release-orchestration)
Coordinate complex releases across multiple projects in an efficient way. Leverage scheduled delivery, blackout periods, parallelization and sequencing, and support for integrating manual processes to release software faster.
[Create a release from the UI](https://docs.gitlab.com/ee/user/project/releases/#create-a-release)
[Environments history](https://docs.gitlab.com/ee/ci/environments/index.html#viewing-the-deployment-history-of-an-environment)
[Environment-specific variables](https://docs.gitlab.com/ee/ci/variables/#limiting-environment-scopes-of-environment-variables)
[Keep track of releases using GitLab Releases](https://docs.gitlab.com/ee/user/project/releases/index.html)
[Group-level release analytics](https://docs.gitlab.com/ee/user/project/releases/#release-metrics)
[Pipeline Resource Groups](https://docs.gitlab.com/ee/ci/yaml/#resource_group)
[Associate Releases with Milestones](https://docs.gitlab.com/ee/user/project/releases/#releases-associated-with-milestones)
[Manage access to protected environments from the API](https://docs.gitlab.com/ee/api/protected_environments.html)
[Release Progress view](https://docs.gitlab.com/ee/user/project/releases/)
[Deploy Freeze](https://docs.gitlab.com/ee/user/project/releases/#set-a-deploy-freeze)
[Link runbooks to a Release](https://docs.gitlab.com/ee/user/project/releases/index.html#links)
[Create a release directly from the .gitlab-ci.yml via the release CLI](https://docs.gitlab.com/ee/user/project/releases/index.html#release-command-line)
[Generic Package Registry](https://docs.gitlab.com/ee/user/project/releases/#release-assets)
[Changelog](https://docs.gitlab.com/ee/development/changelog.html#changelog-entries)
#### Infrastructure as Code[](#infrastructure-as-code)
Automate the provisioning of infrastructure resources through Infrastructure-as-Code, use Terraform/OpenTofu with zero-configuration from CI/CD pipelines, and apply GitOps best practices to deliver software faster.
[Terraform plan output summary in Merge Requests](https://docs.gitlab.com/ee/user/infrastructure/)
[GitLab-managed Terraform state files](https://docs.gitlab.com/ee/user/infrastructure/)
#### Feature Flags[](#feature-flags)
Reduce deployment risk with a progressive rollout strategy that includes feature flags — enabling teams to toggle feature availability, test features in small batches, and separate deployment from customer launch.
[Feature Flags](https://docs.gitlab.com/ee/operations/feature_flags.html)
[Feature Flag List view](https://docs.gitlab.com/ee/operations/feature_flags.html)
[Percent of Users Strategy for Feature Flags](https://docs.gitlab.com/ee/operations/feature_flags.html#rollout-strategy)
[Flexible Rollout Strategy for Feature Flags](https://docs.gitlab.com/ee/operations/feature_flags.html#percent-rollout)
[UserID Rollout Strategy for Feature Flags](https://docs.gitlab.com/ee/operations/feature_flags.html#target-users)
[Set multiple strategies per environment](https://docs.gitlab.com/ee/api/features.html)
[User List Strategy for Feature Flags](https://docs.gitlab.com/ee/operations/feature_flags.html#user-list)
[Associate Feature Flags with the issue(s) that is related to them](https://docs.gitlab.com/ee/api/features.html)
#### Environment Management[](#environment-management)
Environments are at the center of DevSecOps, bringing the results of application development in front of the users. They provide traceability of deployments, visualisation of workload states, and support advanced rollout strategies, feature flag management, and when necessary rollbacks.
[Environments and deployments](https://docs.gitlab.com/ee/ci/environments/index.html)
[Per-environment permissions](https://docs.gitlab.com/ee/user/project/protected_branches.html)
[Environment-specific variables](https://docs.gitlab.com/ee/ci/variables/#limiting-environment-scopes-of-environment-variables)
[Protected Environments](https://docs.gitlab.com/ee/ci/environments/protected_environments.html)
[Environment type](https://docs.gitlab.com/ee/ci/environments/#deployment-tier-of-environments)
[Environments Dashboard](https://docs.gitlab.com/ee/ci/environments/environments_dashboard.html)
[View alerts on the Environments page](https://docs.gitlab.com/ee/ci/environments/#working-with-environments)
[Manage access to protected environments from the API](https://docs.gitlab.com/ee/api/protected_environments.html)
[Active confirmation of what is running in production](https://docs.gitlab.com/ee/user/project/releases/)
#### Deployment Management[](#deployment-management)
Deploying applications from testing environments to multi-region production servers is a core requirement of DevSecOps. Deployments should be easy to codify for platform engineers and simple to interact with for engineers and release managers. Moreover, they should follow company requirements in terms of compliance and security. Deployment management supports multi-cloud, cloud-native, and legacy infrastructures and unifies the platform experience by integrating tools and frameworks, such as Flux for GitOps.
[Fine-grained access controls for CI/CD based Kubernetes deployments](https://docs.gitlab.com/ee/user/clusters/agent/ci_cd_workflow.html#restrict-project-and-group-access-by-using-impersonation)
[Environment-specific variables](https://docs.gitlab.com/ee/ci/variables/#limiting-environment-scopes-of-environment-variables)
[GitLab Agent for Kubernetes](https://docs.gitlab.com/ee/user/clusters/agent/)
[GitOps deployment management](https://docs.gitlab.com/ee/user/clusters/agent/gitops.html)
[Timed and manual incremental rollout deployments](https://docs.gitlab.com/ee/topics/autodevops/index.html#incremental-rollout-to-production)
[Canary Deployments](https://docs.gitlab.com/ee/user/project/canary_deployments.html)
[First class container building](https://gitlab.com/gitlab-org/gitlab/-/issues/23141)
[Complex, simultaneous deployments per environment](https://docs.gitlab.com/ee/ci/environments/deployment_safety.html)
[Load balancer management for Blue/Green deployment](https://docs.gitlab.com/ee/ci/environments/incremental_rollouts.html#blue-green-deployment)
#### Auto DevOps[](#auto-devops)
Automatically discover, build, test, and scan source code, and deploy and monitor built applications using an opinionated but highly customizable set of CI/CD templates and integrations. Enable teams to focus on writing business code and better collaboration while delivering software faster.
[Auto DevOps](https://docs.gitlab.com/ee/topics/autodevops/)
#### CI/CD Components[](#cicd-components)
Streamline your CI/CD pipelines with reusable components—customizable, versioned units listed in the CI/CD Catalog. Build or reuse components for flexible, efficient workflows.
[Pipeline Composition and Component Catalog](https://docs.gitlab.com/ee/ci/components/)
##### Streamline your software delivery lifecycle and boost efficiency with GitLab.
By incorporating automated software deployment into your production environments, you can accelerate software development and deliver innovative products to your customers faster.
[Contact sales to get started](/sales/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Analyze, discover and optimize the hidden value within your DevSecOps lifecycle | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Optimize workflows from idea to customer value
==============================================
End-to-end analytics and insights
---------------------------------
GitLab empowers teams to optimize their software delivery workflows through data-driven decisions powered by a DevSecOps platform with a unified data store.
[Start your free trial](https://gitlab.com/-/trial_registrations/new?_gl=1%2A1lt5wks%2A_ga%2AMTc4NzA4MjI4Ni4xNjc1OTYwMzk0%2A_ga_ENFH3X7M5Y%2AMTY4MTE0OTk0MC4xMjkuMS4xNjgxMTUwMTMwLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2Fpricing%2F)
[Questions? Contact us](/sales/)

Trusted By:
-----------
[](/customers/chorus/)
[](/customers/hilti/)
[](/customers/haven-technologies/)
[](/customers/paessler/)
[](/customers/deutsche-telekom/)
* [Overview](#overview)
* [Capabilities](#capabilities)
* [Customers](#customers)
* [Pricing](#pricing)
* [Resources](#resources)

Visualize to optimize
-------------------------
###
Protect your software development lifecycle
Protect multiple attack surfaces, including your code, build, dependencies, and release artifacts
[Learn more about DevSecOps](/solutions/security-compliance/)
###
Adhere to compliance requirements
Easy access to audit and governance reports
[Why GitLab?](/why-gitlab/)
###
Implement guardrails
Control access and implement policies
[Learn more about our platform approach](/solutions/devops-platform/)
Unified datastore. Unified view.
--------------------------------
### Optimize your value streams
* [Value Streams Dashboard](https://docs.gitlab.com/ee/user/analytics/value_streams_dashboard.html)
identifies bottlenecks and opportunities for improvement with a unified view of your end-to-end software delivery metrics.
* [GitLab Duo](https://docs.gitlab.com/ee/user/ai_features.html#show-deployment-frequency-forecast)
’s value stream forecasting predicts your productivity metrics to improve planning and decision-making.
* [DevOps adoption](https://docs.gitlab.com/ee/user/group/devops_adoption/)
analytics uncovers adoption barriers for your teams and drives DevSecOps transformation.
### Minimize disruptions
* [Security Dashboards and Security Center](https://docs.gitlab.com/ee/user/application_security/security_dashboard/)
identifies trends in vulnerabilities and assigns project vulnerability grades so you can focus your remediation efforts on at-risk projects.
* [Vulnerability Report](https://docs.gitlab.com/ee/user/application_security/vulnerability_report/index.html#operational-vulnerabilities)
helps manage, triage, and remediate operational vulnerabilities found in your running applications.
* [Compliance center](https://docs.gitlab.com/ee/user/compliance/compliance_center/)
provides a consolidated view of your compliance signals such as segregation of duties, framework compliance, license compliance, user activity, and merge request/pipeline results.
### Faster, high quality releases
* [Operations Dashboard](https://docs.gitlab.com/ee/user/operations_dashboard/)
provides a summarized view of your project operational health, pipeline and alert status.
* [CI/CD Analytics](https://docs.gitlab.com/ee/user/analytics/ci_cd_analytics.html)
consolidates your project pipeline success rate and performance metrics.
* [Environments Dashboard](https://docs.gitlab.com/ee/ci/environments/environments_dashboard.html)
tracks the progress of changes as they flow through your development, staging, and production environments to ensure smooth and timely deployments.
### Faster, high quality releases
* [Value stream analytics](https://docs.gitlab.com/ee/user/group/value_stream_analytics/index.html)
identifies waste and surface improvement opportunities to increase the effectiveness and efficiency of development teams.
* [DORA4 metrics](https://about.gitlab.com/solutions/value-stream-management/dora/)
benchmark your DevSecOps maturity and identifies areas for process improvement.
* [Planning insights](https://docs.gitlab.com/ee/user/analytics/issue_analytics.html)
provides actionable insights into your development workflow with issue analytics, burndown and burnup charts, and roadmap analysis.


"We decided to extend to GitLab Ultimate because we wanted to have the security and compliance features and all in one security dashboard."
Norman Stamnitz product manager, Deutsche Telekom IT
[Learn more](/customers/deutsche-telekom/)
Which tier is right for you?
----------------------------
[Which tier is right for you?](/pricing/)
### Free
Essential features for individual users
* Project level value stream analytics
* Usage trends
* Release analytics
* Unit test report
[Learn more](/pricing/)
### Premium
Enhance team productivity and coordination
* Group level value stream dashboard
* Issue Analytics Contribution Analytics
* Productivity Analytics
* Code Review analytics
* Operations Dashboard
* Environments Dashboard
[Learn about GitLab Premium](/pricing/)
### Ultimate
Organization-wide security, compliance, and planning
* Security Dashboard
* Value Streams Dashboard
* DORA metrics & Custom DORA reporting
* Portfolio roadmap
* Planning Insights
[Start your free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Learn more](/pricing/)
Related resources
-----------------
Video

### Value streams dashboard video
Watch now
Video

### Security Dashboard - Advanced Security Testing
Watch now
Video

### DORA metrics - User Analytics
Watch now
Video

### Group Code Coverage Analytics - Ops Insights
Watch now
[Blog\
\
 \
\
### Value stream management: Total Time Chart simplifies top-down optimization flow\
\
Learn more](https://about.gitlab.com/blog/2023/06/01/value-stream-total-time-chart/)
[Blog\
\
 \
\
### Understand how your teams adopt DevOps with DevOps reports\
\
Learn more](https://about.gitlab.com/blog/2021/12/15/devops-adoption/)
[Report\
\
 \
\
### The 2024 Magic Quadrant for DevOps Platforms\
\
Learn more](/gartner-magic-quadrant/)
[Report\
\
 \
\
### The Forrester Wave 2023 for Integrated Software Delivery Platforms\
\
Learn more](https://page.gitlab.com/forrester-wave-integrated-software-delivery-platforms-2023.html)
[Explore more Solutions](/solutions/)
### Continuous Software Compliance
Integrating security into your DevOps lifecycle is easy with GitLab.
[Learn more](/solutions/continuous-software-compliance/)
### Software Supply Chain Security
Ensure your software supply chain is secure and compliant.
[Learn more](/solutions/supply-chain/)
### Continuous Integration and Delivery
Make software delivery repeatable and on-demand
[Learn more](/solutions/continuous-integration/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# How UBS created their own DevOps platform using GitLab
[Blog](/blog/)
[Engineering](/blog/categories/engineering/)
How UBS created their own DevOps platform using GitLab
Published on: August 4, 2021
4 min read
How UBS created their own DevOps platform using GitLab
======================================================
How GitLab helped power more than a million builds in six months on UBS DevCloud.

[Sara Kassabian](/blog/authors/skassabian/)
[DevOps](/blog/tags/DevOps/)
[open source](/blog/tags/open-source/)
[CI](/blog/tags/CI/)
[collaboration](/blog/tags/collaboration/)
UBS, the largest truly global wealth manager, uses GitLab to power DevCloud, a single [DevOps platform](/solutions/devops-platform/)
that allows for a cloud-based, service-oriented, software development lifecycle.
"GitLab is a fundamental part of DevCloud," said [Rick Carey](https://www.bloomberg.com/profile/person/20946258)
, Group Chief Technology Officer at UBS. "We wouldn't be able to have that seamless experience without GitLab. It allowed us to pull ahead of many of our competitors, and break down the barriers between coding, testing, and deployment."
During GitLab Virtual Commit 2021, Rick and [Eric Johnson](/company/team/#edjdev)
, Chief Technology Officer at GitLab, talked about how building DevCloud on GitLab's DevOps Platform allowed UBS to increase their development velocity, lower their infrastructure costs, and increase collaboration between engineers and non-engineering teams worldwide.
How engineers used DevCloud to collaborate during UBS Hackathon[](#how-engineers-used-devcloud-to-collaborate-during-ubs-hackathon)
------------------------------------------------------------------------------------------------------------------------------------
The annual [UBS Hackathon](https://www.ubs.com/global/en/our-firm/what-we-do/technology/2020/hackathon-2020.html)
, which typically brings together engineers from around the world in one room, went virtual in 2020 due to the COVID-19 pandemic. UBS did a soft launch of the DevCloud platform during the 2020 Hackathon to have a truly global development and seamless team experience among the more than 500 participants dispersed worldwide.
"It was hard to pick a winner, because nearly every program and team built something absolutely incredible in such a short amount of time," said Rick. "They got so much done that even while chatting with each other, they said, 'I can't believe how easy it is to get this done.'
Once this Hackathon was successful, we knew that we were going to be able to migrate the rest of our engineers to DevCloud."
Open source collaboration benefitted UBS and GitLab[](#open-source-collaboration-benefitted-ubs-and-gitlab)
------------------------------------------------------------------------------------------------------------
"I must say it's uncommon in my experience to see such a large organization let alone one in such a compliance-driven industry as finance take on such a large project and deliver it on time," Eric said.
Rick attributes part of that success to GitLab's commitment to open source collaboration, which allowed UBS to turn to GitLab team members with questions.
"In an open source model, every time there was a gap, or an issue, or something we just needed your help with, we could reach out to GitLab and say, 'Can we work on this together? Is there a way to improve this?'", said Rick. "That's the value, and that's one of the reasons we went with GitLab."
It wasn't a one-way relationship. Eric said that GitLab learned a lot about compliance and risk processes that are unique to the financial sector by collaborating on open source projects with UBS.
"Collaboration is one of the GitLab's core values – which was key to this project. We set common goals. We're in constant communication, and we're always working together to remove roadblocks. Working with UBS's engineers is a truly agile experience," said Eric.
GitLab forums have a lot of contributions from UBS team members, and both UBS and GitLab are members of open source communities such as the Fintech Open Source Foundation (FINOS) and Cloud Native Computing Foundation (CNCF).
How adopting DevCloud paid off for UBS[](#how-adopting-devcloud-paid-off-for-ubs)
----------------------------------------------------------------------------------
One of the key messages for why adopting a single DevOps platform such as GitLab or DevCloud benefits engineering teams is the productivity pay-off – for engineers and non-engineers alike.
Similar to GitLab, which enables simple asynchronous collaboration between team members, DevCloud was built with engineers in mind but so everyone can contribute. Rick said that one of the best pieces of feedback he got on DevCloud was from someone on the business side of UBS, who wanted to do some development projects but struggled with other tools.
"He said, 'Oh, that's DevCloud? I love DevCloud,'" said Rick.
In the roughly six months since UBS launched DevCloud, there have been more than 12,000 users and more than one million successful builds.
What's next?[](#what's-next%3F)
--------------------------------
In June 2021, [GitLab acquired machine learning company UnReview](/press/releases/2021-06-02-gitlab-acquires-unreview-machine-learning-capabilities.html)
which has allowed us to improve our machine learning capabilities as part of our DevOps Platform. Eric said that by practicing applied machine learning, specifically for code review, GitLab should be able to balance review workloads across teams to increase efficiency.
Keeping all the DevOps activities in a single application makes it easier to extract insights throughout the software development lifecycle. By adding machine learning to a DevOps Platform such as GitLab or DevCloud, teams can not only derive data from past activities, but start to predict the future.
"We were very impressed by UBS's development culture," said Eric. "It is very complimentary to our own, and we look forward to our continued partnership."
More of a video person?[](#more-of-a-video-person%3F)
------------------------------------------------------
This conversation was part of GitLab Virtual Commit 2021. Watch the video below to see the full conversation between Eric and Rick.
[Engineering\
\
\
\
#### Tutorial: Secure BigQuery data publishing with GitLab\
\
Read the blog](/blog/2025/03/25/tutorial-secure-bigquery-data-publishing-with-gitlab/)
[Engineering\
\
\
\
#### How we reduced MR review time with Value Stream Management\
\
Read the blog](/blog/2025/02/20/how-we-reduced-mr-review-time-with-value-stream-management/)
[Engineering\
\
\
\
#### Automating container image migration from Amazon ECR to GitLab\
\
Read the blog](/blog/2025/02/13/automating-container-image-migration-from-amazon-ecr-to-gitlab/)
### We want to hear from you
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum. [Share your feedback](https://forum.gitlab.com/new-topic?title=GitLab%20account%20security:%20Verify%20your%20information%20for%20enhanced%20protection&body=&tags=blog-feedback)
See what your team could do with a unified DevSecOps Platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)
Find out which plan works best for your team
[Learn about pricing](/pricing/)
Learn about what GitLab can do for your team
[Talk to an expert](/sales/)
---
# Iron Mountain | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Iron Mountain
 + 
Iron Mountain drives DevOps evolution with GitLab Ultimate
==========================================================
Reduced complexity
Streamlined security
Improved visibility

Industry Technology
Employees 25,000+
Location Boston, Massachusetts
Solution
[GitLab Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
$150k in approximate cost savings per year
* * *
20 hrs saved in onboarding time per project
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
The platform speeds pipeline creation and takes over administrative chores so that developers can focus on development.
GitLab has provided us with the foundation and platform to enable our scaled Agile framework. We are able to collaborate within our Enterprise IT teams and our key stakeholders.
\- Hayelom Tadesse, Vice President of Enterprise Technology, Iron Mountain
Iron Mountain Incorporated is a global leader in innovative storage, data center infrastructure, asset lifecycle management and information management services. Founded in 1951 and trusted by more than 225,000 customers worldwide, Iron Mountain helps customers CLIMB HIGHER™ to transform their businesses.
Through a range of services including digital transformation, data centers, secure records storage, information management, asset lifecycle management, secure destruction, and art storage and logistics, Iron Mountain helps businesses bring light to their dark data, enabling customers to unlock value and intelligence from their stored digital and physical assets at speed and with security, while helping them meet their environmental goals.
### Taming fragmented tooling to gain a single view of DevOps
Iron Mountain’s architecture and platform group had a goal to implement an overall strategy to support the use of cloud managed services. The group began evaluating SaaS-based integration platforms, which they hoped could address challenges such as fragmented open source tooling, gaps that blocked development and operations communications, heavy administrative burdens, and difficulties with efficiently securing complex pipeline deployments. Existing on-premises Jira software incurred management complexity in the form of plugin troubleshooting, and with Veracode security software, teams were only able to discover coding issues late in the development cycle, causing resource-intensive rework. In addition, operations needed to support teams’ increasing adoption of new Kubernetes development methods. Iron Mountain’s technical leadership concluded that an appropriate cloud services solution was needed to support developers’ challenges.
### GitLab Ultimate SaaS empowers developers while reducing complexity
Iron Mountain chose [GitLab Ultimate on Google Cloud](/partners/technology-partners/google-cloud-platform/)
to solve these challenges, and is now running 240 automated cloud deployments on GCP for Google Kubernetes Engine (GKE) workloads. GitLab CI/CD allows teams to save time and boost efficiency with automation while also supporting better security assurance via up-front security scanning such as dynamic application security testing (DAST) and static application security testing (SAST).
GitLab supports Iron Mountain’s goal to “shift security left” — placing more security responsibility in the hands of developers and empowering teams to find security flaws earlier in the process.
GitLab also serves as a complete, cohesive orchestration environment that simplifies management while meeting developers’ needs as they build new Kubernetes environments to support cloud and multi-cloud architecture. This single solution reduces complexity and supports a future-proof, community-driven roadmap that aligns with Iron Mountain’s tech planning. Iron Mountain sees GitLab as an important part of Enterprise Architecture and Platforms’ enablement of Agile methods and helpful to the company’s evolution to DevOps. GitLab Ultimate SaaS does the maintenance, so developers can focus on development.
### Building a governance model with GitLab
With GitLab Ultimate SaaS, Iron Mountain has been able to reduce the costs associated with infrastructure management while also securely increasing production velocity. The company has cut the number of on-premises virtual machines (VMs) by nearly half, saving more than $60,000 per year in maintenance costs and more than $90,000 per year in labor.
“GitLab has provided us with the foundation and platform to enable our scaled Agile framework,” adds Hayelom Tadesse, Iron Mountain’s vice president of enterprise technology. “We are able to collaborate within our Enterprise IT teams and our key stakeholders.”
Epics in GitLab provide a way for Iron Mountain teams to organize and track issues according to a strategic theme. Team members can employ features within epics to create a governance model for development that supports large, multiyear initiatives.
Iron Mountain Vice President of Technology Jason Monoharan says GitLab — the company — has a roadmap and community spirit that aligns with best Agile practices. “To me, the vision that GitLab has in terms of tying strategy to scope and to code is very powerful. Also, I appreciate the level of investment they are continuing to make in the platform as they continue to work on it,” he says. Monoharan adds that GitLab’s team has collaborated closely with Iron Mountain teams to define priority features.
At Iron Mountain, GitLab’s single pane of glass helps teams to understand the demands on their capacity, and allows them to focus on priority work in order to speed secure delivery of innovative services — all while ensuring the security of pipelines and improving productivity.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Haven Technologies | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Haven Technologies
 + 
How Haven Technologies moved to Kubernetes with GitLab
======================================================
Increased efficiency
Improved security
Accelerated development

Industry Insurance Tech
Employees 400
Location New York, New York, United States
Solution
[GitLab Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
$7 Cost savings per user monthly, across 150+ users
* * *
62% Of users ran a secret detection job in the last month
* * *
66% Of users have run a secure scanner job in the last month
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
GitLab’s DevSecOps Platform is helping Haven Technologies drive improvements to efficiency, security, and development velocity.
GitLab’s commitment to an open source community meant that we could engage directly with engineers to work through difficult technical problems."
\- Evan O’Connor, Platform Engineering Manager, Haven Technologies
### Making insurance more accessible through a world-class digital platform
Haven Technologies is an insurance technology software as a service (SaaS) provider based in New York, New York. Prior to becoming Haven Technologies, the company helped transform the life insurance industry in 2015 with the launch of Haven Life, a digital insurance technology company that allowed customers to get a quote, apply for a policy, get approved, and manage that policy, almost entirely online. Now, Haven Technologies makes its unique cloud-native insurance platform available to other businesses in the life, annuities, and disability industries. An example was [HealthBridge](https://www.massmutual.com/healthbridge)
, a free online life insurance policy offered by MassMutual to eligible frontline healthcare workers and volunteers in the wake of the COVID pandemic, that was built and launched in just a few weeks using the Haven Technologies solution.
### A growing organization reaches a breaking point
As an insurance technology company, Haven Technologies is strongly aware of the need to protect sensitive customer data. The company’s code is valuable intellectual property, says platform engineering manager Evan O’Connor.
Haven Technologies started using GitLab for version control and source code management (SCM). By 2019, the company was heavily utilizing GitLab CI/CD and container registry. Developers were continuously adding new projects, each of which had pipelines to build Docker images, run units, regression and integration tests, and security scanning.
An early project was to move all Docker builds to GitLab and build images there, which was a big time-saver as images were pre-built and tested come deploy time, says O’Connor.
In late 2019, Haven Technologies began its journey to migrate to a self-managed GitLab instance on Kubernetes using Helm charts to allow for greater scalability, customization, and security. Prior to that time, Haven Technologies used the Omnibus deployment, a more commonly used installation that requires minimal configuration to get up and running.
Before Kubernetes, the team used Convox, which is built on Docker and ECS (Elastic Container Service) and aims to make it easy to deploy and manage applications in the cloud. This setup worked well as a smaller organization, but O’Connor says that eventually, they reached a breaking point where Convox did not provide enough control over their cloud resources. During peak usage days (especially around release time), GitLab would become painfully slow and users would receive frequent 500 errors in the UI and failed pipelines, he recalls.
### Braving the unknown with a trusted partner
As an innovator in the insurance tech space, the Haven Technologies engineering team felt they were a natural fit to become an early adopter of [GitLab’s Helm Chart](https://docs.gitlab.com/charts/?_gl=1*d7zk1c*_ga*MTU1MDMzNTYwOS4xNjQ0OTYxNjk3*_ga_ENFH3X7M5Y*MTY4MTkzMzY3MC40MTUuMC4xNjgxOTMzNjgyLjAuMC4w)
. Haven Technologies leadership was given fair warning that because the product was new, they might encounter roadblocks that would require help from GitLab’s support and engineering teams.
But Haven Technologies was undaunted. “Our team was somewhat new to Kubernetes and Helm, but GitLab became an opportunity for us to learn and gain experience that we could apply when we moved the rest of our apps to Kubernetes,” says O’Connor.
And GitLab made the communication seamless. “GitLab’s commitment to an open source community meant that we could engage directly with engineers to work through difficult technical problems,’’ says O’Connor. “Overall, I would recommend adopting the Helm Charts if your team is experienced with Kubernetes or if, like us, you are willing to brave the unknown with the goal of using the latest technology and a desire to contribute to improving the Helm Charts for everyone.”
The decision to adopt GitLab’s Helm Chart was in part influenced by a larger move to Kubernetes for all of Haven Technologies’ applications. At the same time Haven Technologies decided to become an early adopter of the GitLab Helm Chart, the engineering team was also planning to move the entire production and user acceptance testing (UAT) environments to run on Kubernetes. It made a lot of sense to deploy GitLab in the same way as their other applications, so all of the configurations would be in one place, says O’Connor.
The other advantage of Kubernetes was that autoscaling and high availability are native to the software and are easy to enable via Helm Charts. “If we went in the direction of multiple EC2 instances, we would have to manage many different configurations that each would require their own solutions for autoscaling and high availability,’’ says O’Connor.
The first prerequisite for running GitLab on Kubernetes is to build a cluster. Haven Technologies chose Amazon EKS, since all of the company’s applications reside in AWS. Engineers decided to build out GitLab in both UAT and production environments to allow them to test upgrades and other configuration changes before they went live.
Haven Technologies uses Jira and Terraform, and uses GitLab pipelines to automate Terraform tasks.
O’Connor highly recommends maintaining a staging environment for GitLab to maintain stability and reduce the risk of data loss during difficult updates. “GitLab makes this easy, and only one license is needed to support both environments,’’ he says. “Using Terraform and Helm, our UAT and production environments are configured almost identically, aside from more conservative scaling in UAT to save money.”
In the future, O’Connor says engineers will aim to build a way to easily shut down or spin up their UAT GitLab system so they do not have idle machines running when they are not needed.
Another struggle was finding a way to load test their UAT setup before cutting it into production. Volunteers from the development and QA teams were asked to help load test GitLab and search for abnormalities. O’Connor’s team created a spreadsheet and had users enter any abnormalities they found. This helped the team fix some misconfigurations before fully cutting over, he says.
Engineers had built out the monitoring portion of the Helm Charts after they had cut over their production GitLab system to Kubernetes. This made diagnosing issues that were caused by load especially difficult. At the time, all they had were pod-level CPU and memory metrics reported by the Kubernetes cluster. These dashboards helped team members resolve issues where their pod limits were set too conservatively.
Haven Technologies also utilized AWS CloudWatch metrics and log queries to look for bottlenecks and correlate issues with AWS resources.
Going forward, as issues come up when testing GitLab on Kubernetes, O’Connor says they will create dashboards to identify them more quickly.
### More deployments, more testing, lower costs
By using the GitLab package registry, Haven Technologies has been able to stop using the public npm registry — at a cost of $7 per user for more than 150 users (as of December 23, 2022). By implementing autoscaling Docker-machine and Kubernetes runners, O’Connor’s team was able to increase the number of regression and integration tests performed on each commit to developer branches.
The team has also greatly increased the number of security pipelines they are running on each merge request, which has helped them to increase developer involvement in securing applications earlier in the development lifecycle.
Overall, using GitLab CI has added value to Haven Technologies’ software development lifecycle by automating a number of processes — especially around branching — and freeing up developer time.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# GitLab named a Leader in the Gartner® Magic Quadrant™ for DevOps Platforms | GitLab

GitLab named a Leader in the 2024 Gartner® Magic Quadrant™ for DevOps Platforms for the second consecutive year.
================================================================================================================
* Named a Leader In DevOps platforms
* Positioned highest in Ability to Execute
* Positioned highest in Completeness of Vision
----------------------------------------------------------------------------------------------------------------------------------------
[View the report](#download-form)


##### GitLab is named a Leader in the 2024 Gartner® Magic Quadrant™ for
DevOps Platforms
For the second year in a row, GitLab is once again named a Leader in Gartner’s 2024 Magic Quadrant for DevOps Platforms and positioned highest in both Ability to Execute and Completeness of Vision.
Since our founding, we have been focused on bringing together everyone across the software development lifecycle – development, security, and operations teams – and allowing them to collaborate and deliver the software of tomorrow on one AI-driven DevSecOps platform. This year’s recognition not only reinforces our vision of software development, but also acknowledges our success in delivering customer value by bringing that vision to life.
##### Access the report
Read the report for a complete picture of the DevOps Platforms market, vendors, and why GitLab is recognized as a Leader.
Gartner, Magic Quadrant for DevOps Platforms, Arun Batchu, Haritha Khandabattu, Philip Walsh, Matt Brasier, September 2024
Read more
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Industry Analyst Research | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
What top industry analysts are saying about GitLab
==================================================
##### Discover what industry analysts are saying about GitLab and learn how our AI-powered DevSecOps Platform helps customers solve their business challenges.

Market research of interest
---------------------------

The 2024 Gartner® Magic Quadrant™ for AI Code Assistants
[Learn More](https://about.gitlab.com/gartner-mq-ai-code-assistants/)
[Learn More](https://about.gitlab.com/gartner-mq-ai-code-assistants/)

The 2024 Gartner® Magic Quadrant™ for DevOps Platforms
[Learn More](https://about.gitlab.com/gartner-magic-quadrant/)
[Learn More](https://about.gitlab.com/gartner-magic-quadrant/)

2023 Gartner® Peer Insights Voice of the Customer: DevOps Platforms
[Learn More](https://www.gartner.com/reprints/?id=1-2G319K72&ct=231229&st=sb)
[Learn More](https://www.gartner.com/reprints/?id=1-2G319K72&ct=231229&st=sb)

The 2023 Gartner® Magic Quadrant™ for Application Security Testing
[Learn More](https://page.gitlab.com/resources-report-gartner-magic-quadrant-ast-2023.html)
[Learn More](https://page.gitlab.com/resources-report-gartner-magic-quadrant-ast-2023.html)

Omdia Market Radar: AI-Assisted Software Development, 2023-2024
[Learn More](https://learn.gitlab.com/devsecops-plat-ai/analyst-omdia-ai)
[Learn More](https://learn.gitlab.com/devsecops-plat-ai/analyst-omdia-ai)
Analyst relations contacts
--------------------------
#### Analyst Relations
##### Primary contact
[\[email protected\]](/cdn-cgi/l/email-protection#d0f0b1beb1bca9a3a4a2b5bcb1a4b9bfbea390b7b9a4bcb1b2feb3bfbd)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Platform Engineering | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
##### GitLab for platform engineering
The faster path to scalable software delivery
=============================================
Build a foundation for platform engineering with workflows-as-a-service for the entire software development lifecycle.
[Talk to sales](/sales/)

There’s a better, more efficient way to build software
------------------------------------------------------
Developers are overloaded with tasks outside their area of expertise
Many developers aren’t experts at tasks such as creating secure and efficient automation scripts for continuous integration (CI). Making these scripts available in a self-service portal saves developers’ time and reduces the risk of human error.
Organizations struggle to share best practices
Developers in one part of the organization are creating workflows, pipelines, and configurations that might be useful to others. Sharing predefined, customizable templates across the organization means no one has to reinvent the wheel every time.
Having too many DevOps tools hampers collaboration
When different teams use different software delivery toolchains and different workflows, collaboration takes a hit. Bringing everyone together into a single platform ensures there’s no disconnect.
Platform engineering accelerates software development by providing DevSecOps teams with a single self-service portal for tools and workflows — reducing cognitive load and making software delivery more scalable.
I was looking to free up the hands of my DevOps engineers … I wanted them to focus on the things that actually matter — how we produce code, how we properly deploy code. We could do that with a platform.”

Nadav Robas
DevOps & DevSecOps Manager, Agoda
[Read the case study](/customers/agoda/)

GitLab: The gold standard for platform engineering teams

#### Boost productivity and efficiency
##### Reusable CI/CD components
The GitLab CI/CD Catalog — a central hub for discovering and reusing components — helps developers move faster and ensures knowledge can be more evenly distributed across the organization.
[Learn more](https://docs.gitlab.com/ee/ci/components/index.html#cicd-catalog)
##### Automated security and compliance
GitLab is the only DevSecOps platform that includes native security and compliance capabilities at all stages of the software development lifecycle, enabling teams to find and fix problems when they’re cheaper and easier to solve.
[Learn more](/solutions/security-compliance/)
##### AI throughout the software development lifecycle
GitLab gives teams a central place to discover AI-powered capabilities — from code suggestions to explanations of security vulnerabilities to root cause analysis — that accelerate every aspect of software development.
[Learn more](/gitlab-duo/)
#### Drive efficiency with data
##### End-to-end visibility and insights
GitLab brings data from every part of the software delivery lifecycle into a single place so everyone involved in software development has access to the latest information.
[Learn more](/solutions/analytics-and-insights/)
##### Productivity metrics and analytics
GitLab is the only DevSecOps platform built on a unified data store, enabling teams to easily track key metrics, assess the impact of process improvements, and drill down into roadblocks.
[Learn more](/solutions/value-stream-management/)
##### Security dashboards and vulnerability reports
From built-in CI/CD pipeline templates to automatic code testing, a single platform for software delivery enables developers to focus on building high-quality applications, without context-switching.
[Learn more](https://docs.gitlab.com/ee/user/application_security/security_dashboard/)
#### Foster collaboration at scale
##### Out-of-the-box pipeline templates and automation
Bringing everyone into the same platform streamlines communication and helps developers stay in the loop on strategy and scope — enabling more efficient planning, building, testing, securing, deployment, and monitoring of code.
[Learn more](/solutions/agile-delivery/)
##### Accessible documentation and wikis
Each GitLab project includes a wiki: a central place to provide documentation, share best practices, or organize information right alongside the code — so teams don’t have to switch to a separate tool.
[Learn more](https://docs.gitlab.com/ee/user/project/wiki/)
##### Built-in integrations
GitLab provides a unified framework for producing quality software that organizations can easily extend with built-in integrations for common tools.
[Learn more](https://docs.gitlab.com/ee/integration/)

"Now, we can be confident changes to our pipelines are automatically and thoroughly tested, and we can easily support both fast-moving development teams and risk-averse teams that are maintaining mission-critical capabilities. Our new approach, built on some key GitLab CI features, has helped us find the right balance of commonality and customization.” "
Alan Hohn Director of Software Strategy, Lockheed Martin
[Read the case study](/customers/lockheed-martin/)
80% faster CI pipeline builds
90% less time spent on system maintenance
Resources
---------
[View all resources](/resources/)
* * *
Video

### How GitLab Enables Platform Engineering
Watch the video
[Blog\
\
 \
\
### How DevOps and platform engineering turbocharge efficiency\
\
Read more](/the-source/platform/how-devops-and-platform-engineering-turbocharge-efficiency/)
[Ebook\
\
 \
\
### The Ultimate Playbook for High-Performing DevSecOps Teams\
\
Download the ebook](https://page.gitlab.com/ebook-playbook-high-performing-devsecops-teams.html)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Continuous Integration and Delivery | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
GitLab’s complete CI/CD solution
Accelerate delivery with CI/CD automation
-----------------------------------------
Build, test, package, and ship secure software faster. Again and again.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/&glm_content=default-saas-trial)
[Contact sales](/sales/)


A modern platform for modern workflows
------------------------------------------
Working with legacy code? GitLab’s platform will bring you up to speed.
Launch Demo
### Accelerate releases
Automate the building, testing, packaging, and deploying of secure code from code commit to production, so you can release better quality code more often.
[Learn more](/solutions/delivery-automation/)
### Increase transparency and visibility
Leverage our unified platform to track your CI/CD pipeline and get all the metrics you need to continuously improve and keep business stakeholders in the loop.
[Learn more](/solutions/visibility-measurement/)
### Standardize and scale
Ensure every project is secure, predictable, and measurable — whether it’s just one or hundreds — with built-in or custom CI/CD pipeline templates.
### Improve developer experience
Minimize manual repetitive tasks and context-switching with GitLab’s automation and generative AI tools, like GitLab Duo, so developers can focus on value-driven work.
[Learn more](/platform/)
Scale as you grow
=================
With built-in or custom CI/CD pipeline templates, you can automatically scan your code to create and run pipelines to build, test, package, and deploy your application — all tailored to fit your evolving needs as a growing organization.
[Learn how to get started](https://docs.gitlab.com/ee/ci/)

**CI/CD catalog:** No need to build pipelines from scratch. Use pre-configured CI/CD components from our public catalog, or create a private catalog to share pipelines within your organization.
**Merge trains:** Keep your main branch green and developers collaborating effectively.
**Parent-child pipelines:** Split growing pipelines into multiples to decrease complexity and improve performance.
**Hosted runners:** Run your CI/CD jobs without having to procure your own infrastructure — or bring your own.
Automate security
=================
Integrate security testing and compliance checks at code commit, and empower developers to easily identify, isolate, and fix code faults before they reach production.
[Learn about Security & Compliance](/solutions/security-compliance/)

**Continuous vulnerability scanning:** Protect your organization by scanning for known open source vulnerabilities, regardless of when your code was last updated.
**SAST:** Scan your application source code and binaries to spot potential vulnerabilities before deployment.
**Compliance pipelines:** Ensure that important policies are enforced, whether it’s standard regulatory controls or your own policy framework.
Continuously deploy
===================
Confidently and consistently release software with enterprise-level delivery tools to manage progressive deployments, orchestrate infrastructure, and protect application environments.
[Learn about Enterprise-level deployment](https://docs.gitlab.com/ee/topics/release_your_application.html)

**Progressive delivery:** Control where you deploy and test code in production with a small portion of your user base.
**Canary deployments:** Gradually roll out changes to reduce risk and impact.
**Deployment flexibility:** Deploy to virtual machines, Kubernetes clusters, or Faas from multiple cloud vendors.
Get an AI assist
================
GitLab delivers CI/CD in a single platform with integrated generative AI at every stage of the software development lifecycle.
[Learn about GitLab Duo](/gitlab-duo/)

**Security vulnerability explanations:** Remediate vulnerabilities more efficiently and ship secure code faster thanks to info about the vulnerability, how it might be exploited, and how to fix it.
**Root cause analysis:** Save time troubleshooting with AI-assisted root cause analysis for CI/CD job failures.
**Value stream forecasts:** Identify potential areas for future improvement, and strengthen planning and decision-making.

"By switching to GitLab and automating deployment, teams have moved from monthly or weekly deliveries to daily or multiple daily deliveries."
Alan Hohn Director of Software Strategy, Lockheed Martin
[Read the case study](/customers/lockheed-martin/)
80% faster CI pipeline builds
90% less time spent on system maintenance
Which tier is right for you? [View plans](/pricing)
Free
----
### Use GitLab for personal projects
$ 0
per user/month, no credit card required [Get started](/pricing)
Premium
-------
### For scaling organizations and multi-team usage
$ 29
per user/month billed annually [Why Premium?](/pricing/premium/)
Ultimate
--------
### For enterprises looking to deliver software faster
For when your mission-critical software requires organization-wide security, compliance, and planning. [Why Ultimate?](/pricing/ultimate/)
Resources
---------
Get the latest CI/CD insights right here
[More CI/CD resources](/resources?topic=CI%2FCD)
[### How to achieve DevSecOps with GitLab CI/CD\
\
Shift left with build-in security tools and best practices](https://page.gitlab.com/achieve-devsecops-cicd-ebook.html)
[### CI/CD Catalog goes GA: No more building pipelines from scratch\
\
Discover and share pipeline building blocks to help standardize and scale pipelines.](https://about.gitlab.com/blog/2024/05/08/ci-cd-catalog-goes-ga-no-more-building-pipelines-from-scratch/)
[### How Indeed transformed its CI platform with GitLab\
\
See how the world's #1 job site migrated thousands of projects to GitLab CI — and increased productivity and cut costs in the process.](https://about.gitlab.com/blog/2024/08/27/how-indeed-transformed-its-ci-platform-with-gitlab/)
Ship better software. Faster
----------------------------
Accelerate, collaborate, and secure your code with GitLab
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Why GitLab Ultimate? | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Why Ultimate?
=============
### Ideal for organization-wide security, compliance, and planning
Available in both SaaS and self-managed deployment options, GitLab Ultimate adds:
* Advanced security capabilities
* Priority support
* Security risk mitigation
* Live upgrade assistance
* Compliance
* Portfolio management
* Value stream management
* Customer Success Manager for eligible customers
[Compare all features](/pricing/feature-comparison/)
GitLab Ultimate also allows for free guest user licenses to improve your license usage for users with minimal interaction with the system.
[Buy Ultimate now](https://gitlab.com/-/subscriptions/new?plan_id=2c92a0ff76f0d5250176f2f8c86f305a&test=capabilities)
[Learn about Premium](/pricing/premium/)
### Calculate the cost for your organization
GitLab offers unlimited free guest users on Ultimate plans
Number of GitLab seats
Number of guest users
Premium monthly cost\*
$0 [Buy Premium](https://gitlab.com/-/subscriptions/new?plan_id=2c92a0ff76f0d5250176f2f8c86f305a&test=capabilities)
Ultimate monthly cost\*
$0 [Buy Ultimate](https://gitlab.com/-/subscriptions/new?plan_id=2c92a0ff76f0d5250176f2f8c86f305a&test=capabilities)
\*All plans billed annually. The listed prices may be subject to applicable local and withholding taxes. Pricing may vary when purchased through a partner or reseller. See our [Pricing Page](/pricing/)
for more details.
GitLab Ultimate helps you
-------------------------
### Increase Operational Efficiencies
GitLab Ultimate provides a single, scalable interface for organization wide DevSecOps, reducing handoffs across tools and teams - thereby improving efficiencies.
### Deliver Better Products Faster
With end to end Value Stream Management and Portfolio Management, GitLab Ultimate allow for greater visibility and transparency across projects - helping to eliminate bottlenecks and deliver products faster.
### Reduce Security and Compliance Risk
GitLab Ultimate introduces built-in security testing, compliance and preventive security for cloud native applications helping you manage security risk and achieve regulatory compliance.


CARFAX improves security, cuts pipeline management and costs with GitLab
[Read Case Study](/customers/carfax/)
ROI calculator
--------------
[](#wu-roi-calculator)
### How much is your toolchain costing you?
* 1
Your people
* 2
Current spend
* 3
Your savings
How many people are using and maintaining your tool chain?
----------------------------------------------------------
Number of users
Number of DevSecOps tools maintainers
Continue to next step
Approximately, what is your spend per year (in USD) on these capabilities?
--------------------------------------------------------------------------
Source Code Management
$
Agile Project Management
$
Continuous Integration
$
Agile Portfolio Management
$
Continuous Delivery
$
Application Security
$
Registries
$
See your savings
[Buy Ultimate now](https://gitlab.com/-/subscriptions/new?plan_id=2c92a0ff76f0d5250176f2f8c86f305a&test=capabilities)
[Learn about Premium](/pricing/premium/)
On this page
[Overview](#overview)
[ROI calculator](#wu-roi-calculator)
[Ultimate features](#wu-ultimate-features)
[Get in touch](#get-in-touch)
To top
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Topics
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Industry Topics
===============
Get insights into industry trends
[Agile delivery\
==============\
\
Learn More](/topics/agile-delivery/)
[CI/CD\
=====\
\
Learn More](/topics/ci-cd/)
[Cloud native\
============\
\
Learn More](/topics/cloud-native/)
[Continuous delivery\
===================\
\
Learn More](/topics/continuous-delivery/)
[DevOps\
======\
\
Learn More](/topics/devops/)
[DevOps platform\
===============\
\
Learn More](/topics/devops-platform/)
[DevSecOps\
=========\
\
Learn More](/topics/devsecops/)
[Digital transformation\
======================\
\
Learn More](/topics/digital-transformation/)
[GitLab for Ops\
==============\
\
Learn More](/topics/ops/)
[GitOps\
======\
\
Learn More](/topics/gitops/)
[Microservices\
=============\
\
Learn More](/topics/microservices/)
[Multicloud\
==========\
\
Learn More](/topics/multicloud/)
[Serverless\
==========\
\
Learn More](/topics/serverless/)
[Single application\
==================\
\
Learn More](/topics/single-application/)
[Version control\
===============\
\
Learn More](/topics/version-control/)
[What is a distributed version control system?\
=============================================\
\
Learn More](/topics/version-control/benefits-distributed-version-control-system/)
[What is cloud native continuous integration?\
============================================\
\
Learn More](/topics/ci-cd/cloud-native-continuous-integration/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Why GitLab Premium? | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
GitLab Premium & GitLab Duo Pro — $19 for new small business customers
[Learn more](/pricing/smb-promo/)
Why Premium?
============
### Ideal for enhancing team productivity and coordination
Available in both SaaS and self-managed deployment options, GitLab Premium helps to enhance team productivity and collaboration through:
* Faster code reviews
* Release controls
* Priority support
* Advanced CI/CD
* Live upgrade assistance
* Enterprise Agile Planning
* Technical account manager for eligible customers
* High Availability, Disaster Recovery for self-managed instances
[Compare all features](/pricing/feature-comparison/)
[Buy Premium now](https://gitlab.com/-/subscriptions/new?plan_id=2c92a0ff76f0d5250176f2f8c86f305a&test=capabilities)
[Learn about Ultimate](/pricing/ultimate/)
### Calculate the cost for your organization
GitLab offers unlimited free guest users on Ultimate plans
Number of GitLab seats
Number of guest users
Premium monthly cost\*
$0 [Buy Premium](https://gitlab.com/-/subscriptions/new?plan_id=2c92a00d76f0d5060176f2fb0a5029ff&test=capabilities)
Ultimate monthly cost\*
$0 [Buy Ultimate](https://gitlab.com/-/subscriptions/new?plan_id=2c92a00d76f0d5060176f2fb0a5029ff&test=capabilities)
\*All plans billed annually. The listed prices may be subject to applicable local and withholding taxes. Pricing may vary when purchased through a partner or reseller. See our [Pricing Page](/pricing/)
for more details.
GitLab Premium helps you
------------------------
### Increase Operational Efficiencies
GitLab Premium introduces capabilities that allow enterprises analyze team, project and group trends to uncover patterns and setup consistent standards to improve overall productivity.
### Deliver Better Products Faster
With Advanced CI/CD and faster code reviews, GitLab Premium helps you build, maintain, deploy and monitor complex application pipelines better to deliver products faster.
### Reduce Security and Compliance Risk
Release controls in GitLab Premium ensure that teams ship high quality and secure code.


How GitLab Geo supports NVIDIA’s innovation
[Read Case Study](/customers/nvidia/)
ROI calculator
--------------
[](#wp-roi-calculator)
### How much is your toolchain costing you?
* 1
Your people
* 2
Current spend
* 3
Your savings
How many people are using and maintaining your tool chain?
----------------------------------------------------------
Number of users
Number of DevSecOps tools maintainers
Continue to next step
Approximately, what is your spend per year (in USD) on these capabilities?
--------------------------------------------------------------------------
Source Code Management
$
Agile Project Management
$
Continuous Integration
$
Agile Portfolio Management
$
Continuous Delivery
$
Application Security
$
Registries
$
See your savings
[Buy Premium now](https://gitlab.com/-/subscriptions/new?plan_id=2c92a00d76f0d5060176f2fb0a5029ff&test=capabilities)
[Learn about Ultimate](/pricing/ultimate/)
On this page
[Overview](#overview)
[ROI calculator](#wp-roi-calculator)
[Premium features](#wp-premium-features)
[Get in touch](#get-in-touch)
To top
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Case studies from GitLab customers | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Customer stories
Customers ship software faster with GitLab
==========================================
[See all customer stories](/customers/all/)

Nasdaq is using “the power and elegance of GitLab” to achieve its cloud transformation vision

Southwest Airlines is using GitLab to bring consistency to metrics, security, and code quality.

For CACI International, using GitLab better ensures software security and developer efficiency.
previous slide
next slide
[See all customer stories](/customers/all/)

 If there’s a vulnerability in a critical system on a Naval ship, we can’t wait two years to fix it. It’s essential to national security that we do it in days, if not hours. GitLab is fundamental to how we do that.
Josh Metheney
Director of Engineering, Sigma Defense
[Read story](/customers/sigma-defense)

 From months to days: MIS accelerates support for disaster victims with GitLab [Read story](/customers/mckenzie-intelligence-services/)

 European tech company Cube drives secure software with AI in GitLab Duo [Read story](/customers/cube/)
[See all customer stories](/customers/all/)
[](/customers/airbus/)
[](/customers/deutsche-telekom/)
[](/customers/hackerone/)
[](https://www.youtube.com/watch?v=sT85nT9X2mM)
[](/blog/2021/08/04/ubs-gitlab-devops-platform/)
[](/customers/siemens/)
[](/customers/hilti/)
[](/customers/fujitsu/)
[](/customers/fanatics/)
[](/customers/haven-technologies/)
[](/customers/deakin-university/)
[](/customers/dunelm/)
[](/customers/nvidia/)
[](/customers/goldman-sachs/)
[](/customers/iron-mountain/)
[](/customers/credit-agricole/)
[See more Enterprise stories](/customers/all/?companySize=enterprise)
[\
\
#### Dunelm\
\
Dunelm “shifts left”: U.K. homewares leader moves security to front of cycle, boosts cloud move Read story](/customers/dunelm/)
[\
\
#### Bendigo and Adelaide Bank\
\
Learn how GitLab is accelerating DevOps at Bendigo and Adelaide Bank Read story](/customers/bab/)
[\
\
#### Nvidia\
\
How GitLab Geo supports NVIDIA’s innovation Read story](/customers/nvidia/)
 How CI/CD and robust security scanning accelerated Hilti’s SDLC
400%
increase in code checks
50%
shorter feedback loops
12x
faster deployment time
GitLab is bundled together like a suite and then ships with a very sophisticated installer. And then it somehow works. This is very nice if you're a company which just wants to get it up and running.
Daniel Widerin
Head of Software Delivery, Hilti
[Read story](/customers/hilti/)
400%
increase in code checks
50%
shorter feedback loops
12x
faster deployment time
[Learn how GitLab for Enterprises can help your team ship secure code faster and drive business results.\
\
Learn more](/enterprise/)
G2 Leader in DevSecOps
Industry Analyst Research
GitLab ranks as a G2 Leader across DevSecOps categories

What top Industry Analysts are saying about GitLab
[Learn more](/analysts/)
[\
\
The 2019 Forrester Wave™: Cloud-Native Continuous Integration Tools](/analysts/forrester-cloudci19/)
[\
\
2022 Gartner® Magic Quadrant for Enterprise Agile Planning Tools](/analysts/gartner-eapt21/)
[\
\
2022 Gartner® Magic Quadrant™ for Application Security Testing](/analysts/gartner-ast22/)
[\
\
2021 Gartner® Market Guide for Value Stream Delivery Platforms](/analysts/gartner-vsdp21/)
[Learn more](/analysts/)
Learn how GitLab solves some of today’s toughest challenges
-----------------------------------------------------------
[See all customer stories](/customers/all/)

Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Guide to the cloud - How to navigate the multi-cloud future
|
GitLab
The future of cloud computing
### As teams move to faster release cycles, they're looking to cloud-based architectures and cloud services to help them scale and automate.
[Download our ebook](#pdf)
Increasing development speed is often limited by the boundaries of infrastructure. Enterprises large and small have adopted cloud computing to help them be more efficient in their growth journey. Whether it's managing infrastructure, data storage and recovery, cloud-native application development, or software on-demand – cloud computing is changing the way we deliver software.
It's not enough to just adopt cloud computing. Organizations need cohesion for their cloud-first vision, and a multi-cloud approach allows teams the flexibility to deploy anywhere with workflow portability. DevOps applications that support multi-cloud will help organizations prepare for the multi-cloud future.
In our ebook, _Guide to the cloud: How to navigate the multi-cloud future_, you’ll learn:
-----------------------------------------------------------------------------------------
* Why cloud deployment and service models benefit from microservices
* Common cloud challenges and the benefits of cloud-agnostic DevOps
* How a multi-cloud strategy enables growth and flexibility
The cloud of tomorrow
---------------------
* Organizations of the future are embracing multi-cloud, supported by solutions that are truly cloud-agnostic and offer all of the flexibility and visibility they need to move seamlessly between services.
* IT infrastructure is elastic and scales up or down automatically; teams can build and test applications for web, mobile and API without worrying about their architecture.
* Data is secure, accessible across any network, and optimized for machine learning and artificial intelligence.
* Teams can deploy to any environment in any cloud with a single deployment workflow.
The future is multi-cloud
=========================
Download our ebook for insights on how we’re helping teams harness the power of the cloud.
------------------------------------------------------------------------------------------
### [Click here to view the ebook](https://learn.gitlab.com/cloud-native/guide-to-the-cloud?lb_email=)
You will also receive a link to the report to your inbox shortly.
---
# The Role of AI in DevOps
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Topics](/topics/)
[Devops](/topics/devops/)
The Role of AI in DevOps
The Role of AI in DevOps
========================
* * *
AI is revolutionizing the way we do DevOps. Learn how artificial intelligence is being applied to improve software development processes and streamline operations.
AI in DevOps
------------
[](#ai-in-dev-ops)
[AI in DevOps](https://about.gitlab.com/gitlab-duo/)
involves the use of machine learning (ML) and other artificial intelligence technologies to automate and optimize the software development and delivery process. This includes everything from automating testing and deployment processes to improving resource management and enhancing security.
By leveraging the use of AI in DevOps, organizations benefit from the improved speed, accuracy, and reliability of the software development lifecycle. Which, in turn, leads to faster deployments, reduced errors, and increased overall productivity.
### What is artificial intelligence?[](#what-is-artificial-intelligence)
Artificial Intelligence (AI) refers to the development of computer systems that perform tasks in a manner that simulates human intelligence. These computer systems, or machines, are programmed to perform tasks such as learning, reasoning, and problem-solving. AI is quickly becoming incorporated within many processes across a range of industries due to its ability to automate tasks, reduce errors, and make fast, intelligent decisions based on data analysis.
### What is DevOps?[](#what-is-devops)
[DevOps](/topics/devops/)
is a software development approach that emphasizes collaboration and communication between development and operations teams. DevOps aims to shorten the development cycle, increase deployment frequency, and deliver products faster and with higher quality. It involves the use of agile methodologies, continuous integration and delivery, and automation to streamline the development process.
### Types of AI used in DevOps[](#types-of-ai-used-in-devops)
There are several types of AI used in DevOps, including:
* Machine learning
* Natural language processing
* Computer vision
* Chatbots and virtual assistants
What are the benefits of using AI in DevOps?
--------------------------------------------
[](#what-are-the-benefits-of-using-ai-in-dev-ops)
AI and machine learning are already having a big impact on the creation, deployment, management, and testing of infrastructure and software thanks to their speed and accuracy. Automated testing, anomaly detection, artificial intelligence, and machine learning will all greatly enhance the development cycle.
By replacing some of their manual processes with automated, AI-powered solutions, DevOps teams can improve product quality and more effectively manage their systems.
* **Increased efficiency and speed:** One of the main benefits of using AI in DevOps is increased efficiency and speed. By automating many of the tasks that are associated with software development and delivery, organizations can complete projects faster and also with fewer errors.
* **Improved accuracy and consistency:** AI can help improve the accuracy and consistency of software development and delivery. By automating testing and other tasks, organizations can reduce the risk of human error and ensure that every step of the process is executed with the same level of attention to detail.
* **Better resource management:** AI allows organizations to better manage their resources. This is achieved by optimizing the use of cloud infrastructure, automating resource allocation, and identifying areas where resources may be wasted or underutilized.
* **Enhanced security:** AI can also help enhance security by means of automating threat detection and response, identifying potential vulnerabilities before they can be exploited, and providing real-time alerts when security issues arise.
How to implement AI in DevOps
-----------------------------
[](#how-to-implement-ai-in-dev-ops)
### Using AI for CI/CD[](#using-ai-for-cicd)
One of the most common ways to use AI in DevOps is for continuous integration and continuous delivery or deployment (CI/CD). AI helps to automate the process of building, testing, and deploying code, so that any changes that pass appropriate tests can then be integrated into the existing codebase and deployed to production environments right away. This process can help reduce the risk of errors and improves the overall quality of the software being developed.
### Automating testing with AI[](#automating-testing-with-ai)
AI can also be used to [automate testing processes](https://about.gitlab.com/blog/2022/09/15/why-ai-in-devops-is-here-to-stay/)
, which is critical for organizations that want to achieve continuous delivery. By using AI to automatically run tests on new code, developers can quickly identify and fix any issues that arise, ensuring that the code is ready for deployment as soon as possible. Popular tools for this purpose include Selenium and Water.
### Code suggestions[](#code-suggestions)
AI can suggest code while developers are typing. These [AI-assisted code suggestions](https://about.gitlab.com/blog/2023/03/23/ai-assisted-code-suggestions/)
can help your team write code more efficiently and release software faster.
### Enhancing monitoring and alerting with AI[](#enhancing-monitoring-and-alerting-with-ai)
Another important aspect of DevOps is monitoring and alerting. AI can be used to monitor systems and applications in real-time, detecting potential issues before they become problems. Additionally, AI can be used to automatically generate alerts when specific conditions are met, helping operations teams respond more quickly to incidents and preventing downtime.
### Finding the right code reviewers[](#finding-the-right-code-reviewers)
AI and ML models can be used to help developers find the right people to review their code and merge requests. These automatic suggested reviewers can help developers receive faster and higher-quality reviews, and reduce context switching.
### Incorporating AI for continuous improvement[](#incorporating-ai-for-continuous-improvement)
AI can also be used to support continuous improvement efforts within DevOps organizations. By analyzing data from various sources, such as logs, performance metrics, and user feedback, AI can identify trends and patterns that may indicate areas where improvements can be made. This information can then be used to guide future development efforts and optimize the software delivery process.
### Using AI for anomaly detection[](#using-ai-for-anomaly-detection)
AI can be used to detect anomalies in log data or other sources of data. This can help DevOps teams identify potential issues before they become critical, reducing downtime and improving product quality.
### Root cause analysis with AI[](#root-cause-analysis-with-ai)
AI can be used to perform root cause analysis on issues that occur in the development process. This can help DevOps teams identify the underlying cause of the problem and take steps to prevent it from happening again.
### Understanding vulnerabilities with AI[](#understanding-vulnerabilities-with-ai)
AI can be used to summarize vulnerabilities and suggest a way to mitigate them. This can help developers and security analysts remediate vulnerabilities faster and more efficiently, and uplevel their skills so they can write more secure code in the future.
Best practices for using AI in DevOps
-------------------------------------
[](#best-practices-for-using-ai-in-dev-ops)
### Start small and iterate[](#start-small-and-iterate)
When [implementing AI in DevOps](https://about.gitlab.com/blog/2023/05/03/gitlab-ai-assisted-features/)
, it's often best to start small and iterate. Begin by identifying specific areas where AI can provide the most benefit, and then gradually expand AI adoption as you learn more about its effectiveness and limitations.
### Involve the right stakeholders[](#involve-the-right-stakeholders)
It's essential to involve stakeholders from across the organization when implementing AI in DevOps. This includes developers, IT operations staff, and business leaders who can provide valuable insights and feedback on how AI is being used and its impact on the organization.
### Continuously evaluate and improve[](#continuously-evaluate-and-improve)
Regularly evaluate the performance of AI tools and algorithms to ensure they are providing the intended benefits, and make necessary adjustments as needed. Continuously improve AI-driven processes by incorporating lessons learned and new best practices as they emerge.
### Maintain transparency and accountability[](#maintain-transparency-and-accountability)
Transparency and accountability are essential when using AI in DevOps. Ensure that all stakeholders understand how AI tools are being used, the data sources they rely on, and any potential biases or limitations associated with their use. Establish clear lines of responsibility and oversight for AI-driven processes to maintain trust and confidence in the system.
### Ensure data quality and security[](#ensure-data-quality-and-security)
When using AI in DevOps, it is important to ensure that the data being used is of high quality and secure. In order to achieve this, it is necessary to implement data governance policies and use secure data storage solutions.
### Incorporate human oversight[](#incorporate-human-oversight)
AI can automate many tasks in DevOps, however it is important to have human oversight so as to ensure that the AI is making intelligent decisions. In order to ensure optimum processes, ensuring human approval for critical decisions is still required.
What are the predictions for the future of DevOps and AI?
---------------------------------------------------------
[](#what-are-the-predictions-for-the-future-of-dev-ops-and-ai)
New trends and technologies are emerging that will further shape the future of AI in DevOps. These include the increased use of machine learning models to predict and optimize resource allocation, the development of more sophisticated AI-driven monitoring and alerting tools, and the integration of AI with other emerging technologies such as edge computing and serverless architectures.
Additionally, AI will likely enable new approaches to DevOps, such as autonomously optimizing software performance, improving code quality, and even generating code based on high-level requirements or business goals.
On this page
[AI in DevOps](#ai-in-dev-ops)
[What are the benefits of using AI in DevOps?](#what-are-the-benefits-of-using-ai-in-dev-ops)
[How to implement AI in DevOps](#how-to-implement-ai-in-dev-ops)
[Best practices for using AI in DevOps](#best-practices-for-using-ai-in-dev-ops)
[What are the predictions for the future of DevOps and AI?](#what-are-the-predictions-for-the-future-of-dev-ops-and-ai)
More on AI in DevOps
--------------------
[View all resources](/resources/)
* * *
[Blog\
\
 \
\
### What the ML is up with DevSecOps and AI?\
\
Learn more](/blog/2023/03/16/what-the-ml-ai/)
[Blog\
\
 \
\
### How AI-assisted code suggestions will advance DevSecOps\
\
Learn more](/blog/2023/03/23/ai-assisted-code-suggestions/)
[Blog\
\
 \
\
### How AI will change software development\
\
Learn more](/blog/2020/10/28/ai-in-software-development/)
[Blog\
\
 \
\
### Top 10 ways machine learning may help DevOps\
\
Learn more](/blog/2022/02/14/top-10-ways-machine-learning-may-help-devops/)
[Blog\
\
 \
\
### How machine learning ops works with GitLab and continuous machine learning\
\
Learn more](/blog/2020/12/01/continuous-machine-learning-development-with-gitlab-ci/)
[Blog\
\
 \
\
### How Comet can streamline machine learning on The GitLab DevOps Platform\
\
Learn more](/blog/2021/11/08/machine-learning-on-the-gitlab-devops-platform/)
[Blog\
\
 \
\
### Why AI in DevOps is here to stay\
\
Learn more](/blog/2022/09/15/why-ai-in-devops-is-here-to-stay/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Pricing | GitLab
GitLab Premium & GitLab Duo Pro — $19 for new small business customers
[Learn more](/pricing/smb-promo/)
Get the AI-powered DevSecOps Platform
=====================================
GitLab.com
Self Managed
Dedicated
We host, no technical setup required.
Free
----
Use GitLab for personal projects
$ 0
per user/month,
No credit card required
[Get started](https://gitlab.com/-/trial_registrations/new?_gl=1%2A1c025i%2A_ga%2AMTYyOTY3MzIyLjE2ODcyNzM0MTI.%2A_ga_ENFH3X7M5Y%2AMTY4NzI3MzQxMS4xLjAuMTY4NzI3MzQxNC4wLjAuMA)
* 400 compute minutes per month [\[1\]](#why-do-i-need-to-enter-credit-debit-card-details-for-free-compute-minutes)
* 5 users per top-level group [\[4\]](#what-is-the-5-user-limit-on-the-gitlab-com-free-tier)
Premium
-------
For scaling organizations and multi-team usage
For when your growing organization needs to automate software delivery and improve collaboration between teams
$ 29
per user/month,
billed annually
[Contact Sales](/sales)
[Buy GitLab Premium](https://gitlab.com/-/subscriptions/new?plan_id=2c92a00d76f0d5060176f2fb0a5029ff&test=capabilities)
* Code Ownership and Protected Branches
* Merge Requests with Approval Rules
* Team Planning
* Advanced CI/CD
* Enterprise User and Incident Management
* Support
* 10,000 compute minutes per month
[Learn more about Premium](/pricing/premium/)
Ultimate
--------
For enterprises looking to deliver software faster
For when your mission-critical software requires organization-wide security, compliance, and planning
[Contact Sales](/sales/)
* Dynamic Application Security Testing
* Security Dashboards
* Vulnerability Management
* Dependency Scanning
* Container Scanning [\[1\]](#features-and-benefits)
* Static Application Security Testing [\[2\]](#features-and-benefits)
* Multi-Level Epics
* Enterprise Agile Planning
* Portfolio Management
* Custom Roles
* Value Stream Management
* 50,000 compute minutes per month
* Free guest users
[Learn more about Ultimate](/pricing/ultimate/)
### Compare all features
Add-ons[](#addons)
-------------------
###
GitLab Duo
Pro[](#pro)
For developers that want to focus on innovation and deliver high-quality software
$19
per user/month,
billed annually
[Get Started](https://about.gitlab.com/solutions/gitlab-duo-pro/sales/)
**Features include:**
**Organizational User Controls**
* User permissions for AI capabilities
**Code Suggestions**
* Code generation
* Code completion
* Available in many popular IDEs and supports over 20 programming languages
**Chat**
* Code explanation
* Test generation
* Code refactoring
Available for Ultimate and Premium customers.
 New
###
GitLab Duo
Enterprise[](#enterprise)
For organizations that want AI throughout the software development lifecycle
Contact sales for pricing
[Get Started](https://about.gitlab.com/solutions/gitlab-duo-pro/sales/?type=contact-sales)
**Everything from GitLab Duo Pro, plus:**
**Summarization and Templating tools**
* Discussion summary
* Merge request summary
* Code review summary
**Security and Vulnerability tools**
* Vulnerability explanation
* Vulnerability resolution
**Advanced Chat with**
* Merge Request context
* Issue and Epic context
**Advanced Troubleshooting**
* Root Cause Analysis
**AI Analytics**
* AI Impact and Productivity Reporting
**Personalize GitLab Duo**
* GitLab Duo Self-Hosted (optional)
* Model Personalization\*
\*Planned. Additional terms and fees may apply.
Available for Ultimate customers.
[](/sales/)
[](/sales/)
### [Enterprise Agile Planning](/sales/)
[](#enterprise-agile-planning)
#### $15
per user/month, billed annually
* Replacement for Jira
* One planning workflow for everyone involved in the software development lifecycle
* Value stream analytics to measure velocity and impact
* Executive dashboards for organization-wide visibility
* Stand-alone Enterprise Agile Planning seats for GitLab Ultimate customers
\* For Ultimate customers only.
Contact us to purchase
[](https://docs.gitlab.com/ee/ci/pipelines/cicd_minutes.html#purchase-additional-compute-minutes)
[](https://docs.gitlab.com/ee/ci/pipelines/cicd_minutes.html#purchase-additional-compute-minutes)
### [Compute Minutes](https://docs.gitlab.com/ee/ci/pipelines/cicd_minutes.html#purchase-additional-compute-minutes)
[](#compute-minutes-addon)
#### $10
per 1,000 compute minutes,
one time payment
How to buy Compute
[](https://docs.gitlab.com/ee/subscriptions/gitlab_com/#purchase-more-storage)
[](https://docs.gitlab.com/ee/subscriptions/gitlab_com/#purchase-more-storage)
### [Storage](https://docs.gitlab.com/ee/subscriptions/gitlab_com/#purchase-more-storage)
[](#storage)
#### $5
per month for 10GiB of storage, billed annually
How to buy Storage
[\
\
### Learn how GitLab's DevSecOps Platform can help you.\
\
Talk to an expert](/sales/)
[\
\
### Purchase GitLab through Cloud Marketplaces seamlessly.\
\
Learn More](/cloud-partner-marketplaces/)
Frequently Asked Questions
--------------------------
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Duncan Aviation | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Duncan Aviation
 + 
GitLab ensures confident automation and compliance, secures deployments at Duncan Aviation
==========================================================================================
Conserved admin resources
Ensured vulnerability checks
Automated manual processes

Industry Aviation
Employees 2,761
Location Lincoln, NE
Solution
[GitLab SaaS Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
20x faster deploy time in Development environment
* * *
9x faster deploy time in Production environment
* * *
1,339 hours saved annually across teams
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
This leading aviation services company relies on GitLab Ultimate's SaaS offering to streamline software deployments and adapt to evolving security and compliance requirements.
GitLab helped us to automate manual processes using pipelines. Now we are deploying code regularly, getting essential changes and fixes to our customers a lot faster
\- Ben Ferguson, Senior Programmer, Duncan Aviation, Duncan Aviation
### Duncan Aviation deploys software that supports its jet services offerings, including maintenance, repair and operations
[Duncan Aviation](https://www.duncanaviation.aero/)
is the world's largest privately owned jet service provider, maintaining jets for business and government agencies, as well as for other aircraft service providers. Services include 24x7 system troubleshooting, repairs, and overhauls. The company's systems allow clients to track the progress of work being done on their aircraft. The company, founded in 1956, has three full-service facilities located in Battle Creek, MI, Lincoln, NE, and Provo, UT. Duncan Aviation works to comply with Cybersecurity Maturity Model Certification (CMMC) guidelines, in keeping with federal guidelines, to better secure software infrastructure. To do this, they establish and enforce security configuration settings for information technology products employed in the organization's systems. Secure configurations are an important aspect of Duncan Aviation's competitive advantage.
### Automate and speed builds, while meeting evolving security compliance goals
As development teams looked to accelerate software delivery, they quickly concluded that their collection of in-house deployment tools were not effectively scaling. Deploying code to a production environment required manual builds, testing, and deploying, which were prone to human error. Due to the lack of concrete documentation of what was actually deployed, errors were often solved by a redeploy rather than digging into the problem. Development managers knew automated scanning, tests, and linting were required. At the same time, Duncan Aviation's efforts to implement emerging government guidelines for secure applications highlighted its lack of dependable, repeatable, and full-featured deployment processes.
To solve these problems, the company needed a single-solution, end-to-end DevOps platform. A tech team at Duncan Aviation appraised a host of DevOps options, including both GitLab and GitHub. The team chose GitLab Ultimate. The SaaS-based platform, which is ideal for organizations looking to optimize and accelerate delivery while managing priorities, security, risk, and compliance, was brought on, in part, to scan for and identify vulnerabilities, and perform auditing and documentation. Choosing GitLab helped Duncan Aviation ensure compliance, while monitoring deployment status and providing insights into, and feedback on, pipeline issues.
### Agile methods take off with help from GitLab
GitLab Ultimate enables Duncan Aviation teams to conserve development and administration resources and implement Agile DevOps methods, while advancing shift-left security, enabling them to identify and fix defects much earlier in the software development lifecycle. The platform also automates formerly manual pipeline and scanning processes. “GitLab does everything we need it to. It ensures compliance, automates testing, and implements our changes quickly and consistently,” said Ben Ferguson, senior programmer/analyst at Duncan Aviation. “As a result, we worry less about implementing code and more about solving problems for our customers.”
Using GitLab's DevOps platform, Duncan Aviation's production time dropped on average from 45 minutes to 5 minutes. Regular platform updates are assured, giving Duncan Aviation immediate access to all of the platform's latest security, automation, collaboration, and online learning features. The platform also provides visibility across projects, reducing development time from 20 minutes to just 1 minute. GitLab also decreases administrative burdens, annually saving the team approximately 1,339 hours. Many CMMC requirements are addressed with GitLab, including efficient and fast identification and correction of system flaws; enforcement of security configuration settings for tools used in organizational systems; tracking of log changes; and analysis of the security impact caused by implementation changes.
### Code insight drives software confidence and secures vital aviation services
With GitLab Ultimate, Duncan Aviation saves time on system administration requirements. Its continuous integration and source code management capabilities streamline processes, supporting Agile methods. Team members can see pipeline issues, as well as security reports, all in one place, without the need to load and access multiple tools. Complex software fixes that could have delayed status updates for clients now are seamless and immediate.
GitLab security scanning has made Duncan Aviation teams more aware of vulnerability issues at the development stage as well as throughout the software lifecycle, positively impacting practices, according to Ferguson. “We deploy a lot more code than we used to, and it's a lot easier to deploy,” he said. “GitLab has helped us with our confidence that everything is working correctly. GitLab helps us, because we have more insight as to what code is running and where.” All and all, GitLab empowers teams, mitigates risk, differentiates customer services, and keeps Duncan Aviation software efforts at the forefront of change.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Shifting from on-prem to cloud
[Blog](/blog/)
[Insights](/blog/categories/insights/)
Shifting from on-prem to cloud
Published on: January 9, 2020
6 min read
Shifting from on-prem to cloud
==============================
The challenges of being on-prem and what to consider when shifting to public cloud.

 [Chrissie Buchanan](/blog/authors/cbuchanan/)
[DevOps](/blog/tags/DevOps/)
[cloud native](/blog/tags/cloud-native/)
Cloud computing and cloud adoption are perennial topics when talking about scalability and growth, but many enterprises still operate a significant portion of their workloads in legacy environments. With so much information on the reduced infrastructure costs and the elasticity of public cloud, why do organizations still do all the work themselves?
In this discussion with Sr. Product Marketing Manager [William Chia](/company/team/#williamchia)
, we talk about the challenges traditional IT teams face, the barriers to cloud adoption, and strategies to consider for making the leap.
Why organizations use traditional IT[](#why-organizations-use-traditional-it)
------------------------------------------------------------------------------
The reasons that an organization may want to manage their own infrastructure are myriad and geared toward unique needs and/or limitations within their organization.
### Regulatory/Compliance[](#regulatorycompliance)
In highly-regulated industries such as banking and healthcare, or even government entities, there may be compliance concerns or risks that prevent them from utilizing public cloud. More control means more oversight and more accountability. "If I need to keep patient data private to comply with HIPAA, for example, if I keep 100% control of my systems and infrastructure I can ensure I comply. If I outsource to cloud services then I have to take different steps to ensure I'm not leaking PII," says William. Even though the big cloud providers – namely GCP, AWS, and Azure – have compliance built-in, some organizations may still be hesitant to have them assume those risks.
### Protecting sensitive data[](#protecting-sensitive-data)
IT leaders surveyed in a [Cloud Security Alliance report](https://www.skyhighnetworks.com/cloud-security-blog/5-surprising-truths-from-the-cloud-security-alliances-latest-survey/)
expressed that, while they are confident in cloud security capabilities, there are things that can go wrong beyond their control: Inside threats, compromised accounts, and misconfigured security settings up the stack that can all lead to security breaches. According to nearly 68% of the IT leaders surveyed, the ability to enforce corporate security policies is the [number one barrier to moving applications to the cloud](https://www.skyhighnetworks.com/cloud-security-blog/5-surprising-truths-from-the-cloud-security-alliances-latest-survey/)
. "The top-level concern basically comes down to control and data privacy," says William.
### Better costs[](#better-costs)
For companies operating at a small scale, cloud computing’s pay-per-use model will almost always be cheaper than managing your own data centers, but for larger-scale organizations that isn’t always the case. "There's a breaking point… If you run on-prem, it actually could be cheaper than your cloud bill at huge scale, but you’re running so much software you’re basically running your own private cloud at that point," says William. For a long-term strategy, organizations have to weigh their CapEx vs OpEx costs, and while [CapEx involves a large upfront expense in whole systems and servers](https://www.10thmagnitude.com/opex-vs-capex-the-real-cloud-computing-cost-advantage/)
, and the continued cost of maintenance, the computing volume could make this a worthwhile investment.
Another reason that companies may run their own infrastructure is because that’s how they’ve always done it. While not a very scientific answer, it’s the reality for many companies, especially those that grew before the age of cloud.
"Once upon a time, if you were a large enterprise and you had to run a lot of software, you had no choice but to manage it all yourself. And so now you have all these servers, you have all of these staff, and you have all of these business processes. You have a great deal of both physical and logical infrastructure and if you want to move to the cloud you have to change all of it. That comes at a very high cost," says William.
In the past, moving small amounts of data was relatively easy. When we start talking about exabytes of data, rather than terabytes of data, the process of migration becomes herculean. According to Jean-Luc Valente, the VP for product management in the cloud platforms and solutions group at Cisco, egressing that kind of data to a public cloud could [cost as much as $30 million dollars](https://www.zdnet.com/article/multicloud-is-here-but-challenges-remain/)
.
The challenges of on-prem infrastructure[](#the-challenges-of-on-prem-infrastructure)
--------------------------------------------------------------------------------------
While organizations may have specific reasons for running on-premises infrastructure, that decision comes with distinct challenges.
### Range of expertise[](#range-of-expertise)
"Above a certain level, you are managing all of your infrastructure and you're managing all of your uptime. That's a lot of expertise. You need to become as good at operating a cloud infrastructure as Amazon or Google is, which is why those public clouds are so radically popular. In order to get there requires a lot of resources," says William.
### Managing software and hardware[](#managing-software-and-hardware)
In order to manage uptime and security, operations teams need to perform software maintenance like upgrades and patches in addition to managing physical assets like servers, racks, power supplies, and network switches. At a certain point, an organization is devoting a lot of resources to just keeping things running rather than innovating, so all of these resources are being invested in undifferentiated engineering.
### Undifferentiated engineering[](#undifferentiated-engineering)
If it is not a core competency for your organization, then it’s undifferentiated engineering. "If you don't need to manage that on-premises data center or servers for a specific reason, then the cloud is more attractive because that's a high cost," says William. "You're spending a lot of engineering dollars on things that are not differentiating you in the marketplace."
Strategies for shifting to cloud[](#strategies-for-shifting-to-cloud)
----------------------------------------------------------------------
### The benefits of "lift-and-shift"[](#the-benefits-of-%22lift-and-shift%22)
In previous posts, we’ve talked about [legacy and monolithic applications acting as a barrier](/blog/2019/12/05/cloud-adoption-roadmap/)
for cloud adoption, but there can be some benefit to lifting and shifting those applications to the cloud. While you may not be able to take full advantage of microservices and cloud native application development, shifting those applications to the cloud does provide the benefit of reducing your operational overhead. This can provide an opportunity to learn new competencies.
"There's a separate set of competencies that you need to acquire to start running in the cloud. You don’t need to learn everything all at once. If you take a monolithic, on-premises app, simply lift-and-shift it into a VM in the cloud, that allows you to start to understand things like cloud billing, and gain some of the competencies of a cloud deployment pattern," says William.
### Hybrid cloud[](#hybrid-cloud)
Many organizations have opted to use both private and public cloud for a hybrid cloud infrastructure. These hybrid clouds blend the control and security of a private cloud, but also the flexibility and agility of public cloud. During periods of high usage, organizations can leverage public cloud’s pay-per-use model and save themselves from needing additional infrastructure. Organizations can use their private cloud for sensitive data and public cloud for developing and testing new applications. Having a hybrid cloud environment allows teams to manage their on-premises infrastructure and take advantage of public cloud scale.
While cloud adoption is widespread, many organizations have unique reasons to stay or migrate to an on-premises infrastructure. Cost, control, and risk mitigation continue to be the main drivers of on-prem vs. cloud decisions. Public cloud’s pay-per-use model may not be more cost effective for organizations that operate at higher scale, but a hybrid cloud model can offer organizations the flexibility to use public cloud during periods of high usage without having to invest in additional infrastructure. Both on-prem and cloud require unique and extensive operational competencies, so teams will need leaders that are skilled in these areas when making the switch.
Cover image by [Matt Howard](https://unsplash.com/@thematthoward?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText)
on [Unsplash](https://unsplash.com/s/photos/journey?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText)
[Insights\
\
\
\
#### 3 surprising findings from our 2024 Global DevSecOps Survey\
\
Read the blog](/blog/2024/06/25/3-surprising-findings-from-our-2024-global-devsecops-survey/)
[Insights\
\
\
\
#### How we overhauled GitLab navigation\
\
Read the blog](/blog/2023/08/15/navigation-research-blog-post/)
[Insights\
\
\
\
#### Beautifying our UI: Giving GitLab build features a fresh look\
\
Read the blog](/blog/2023/07/05/beautifying-of-our-ui/)
### We want to hear from you
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum. [Share your feedback](https://forum.gitlab.com/new-topic?title=GitLab%20account%20security:%20Verify%20your%20information%20for%20enhanced%20protection&body=&tags=blog-feedback)
See what your team could do with a unified DevSecOps Platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)
Find out which plan works best for your team
[Learn about pricing](/pricing/)
Learn about what GitLab can do for your team
[Talk to an expert](/sales/)
---
# HackerOne | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
HackerOne
 + 
HackerOne achieves 5x faster deployments with GitLab’s integrated security
==========================================================================
Faster deployments
Less context switching
Tool consolidation

Industry Technology
Employees 300+
Location San Francisco, US; London, UK; Groningen, NL
Solution
[GitLab Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
7.5x faster pipeline time
* * *
5x faster deployment time
* * *
4 hours development time per engineer saved/weekly
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
HackerOne improved pipeline time, deployment speed, and developer efficiency with GitLab Ultimate.
GitLab is helping us catch security flaws early and it's integrated it into the developer's flow. An engineer can push code to GitLab CI, get that immediate feedback from one of many cascading audit steps and see if there's a security vulnerability built in there, and even build their own new step that might test a very specific security issue.
\- Mitch Trale, Head of Infrastructure, HackerOne
### Hacker-powered security platform
HackerOne empowers the world to build a safer internet. As the world’s most trusted human-powered security platform, HackerOne gives organizations access to the largest community of hackers on the planet. Armed with the most robust database of vulnerability trends and industry benchmarks, the hacker community mitigates cyber risk by searching, finding, and safely reporting real-world security weaknesses for organizations across all industries and attack surfaces.
As the world becomes more connected and organizations move to the cloud, cybersecurity must keep up. [HackerOne](https://www.hackerone.com/)
helps security teams scale with their agile attack surfaces by providing hacker-powered security testing and vulnerability insights that help reduce risk across the SDLC.
### Looking for speed of development and deployment
HackerOne is a globally distributed company, so dependencies exist between teams in order to complete projects. There were often times when a developer in the Netherlands worked on code, then someone in North America would pick up where the other left off. Lengthy pipeline times could interrupt handoffs. According to Mitch Trale, Head of Infrastructure at HackerOne, “In many cases, you would wind up stranding a merge request in a place where you wish you would have gone live … if we’d had faster tools, we could have put that out there.”
HackerOne was using separate tools for code version control and continuous integration. As HackerOne began to scale, growing the engineering team from 10 to 30 members, Mitch indicated that these tools were “significantly limited … one example of this is just the time it took to run a single pipeline within our old system that made it sort of prohibitive to do this frequently,” Trale said. “So engineers started to work around these limitations. We started creating these downstream side effects, which we then had to deal with separately.” The team needed a tool that could grow alongside HackerOne’s development and would be able to manage multiple projects that would affect multiple squads.
Primary drivers for the team in their consideration of new software tools was speed of development, speed of deployment, and developer happiness. “We’re optimizing for happy engineers, wherever possible. Better tools help us automate more, providing us with better throughput and higher quality,” Trale clarified. The team needed a platform that would improve the developer experience from end-to-end, from development to deployment.
### Scalability and developer ownership
HackerOne adopted GitLab in late 2018 for [source management](/stages-devops-lifecycle/source-code-management/)
, [issues management](/stages-devops-lifecycle/plan/)
, CI/CD, and security and compliance features that didn’t exist in the team’s previous tooling system. GitLab buy-in increased dramatically across the company because of the various agility offerings that can work in different environments. “HackerOne adopted GitLab all around, but we also saw brand new features that product managers and sprint owners could take advantage of. Now we’re seeing teams cross-planning out further in the future,” Trale reports. “We’re seeing Gantt charts that represent dependencies. And that kind of sophistication was really critical at that stage in HackerOne’s development, because we were scaling.”
GitLab not only provided a way for teams to scale, but it also provided a way for application development processes to become more egalitarian. Because of GitLab’s intuitive user interface, [the number of users expanded](/enterprise/)
at HackerOne. “We have technical product managers who can now make code changes affecting copy text on the site or affecting, for example, a font color,” Trale added. “It’s easier for individuals to go in using GitLab’s visual editing tools, and a merge request that can easily be approved and deployed atomically. That simply wasn’t viable before.”
GitLab’s ease of use makes working within the platform more manageable for developers and engineers. As an open source tool, GitLab is modern, but not overly complex. It offers a lot of capabilities, but it is functionally available to engineers at every level of the company. “Now we can democratize control over our pipelines. We can have individual engineers acting as DevOps, acting as infrastructure … and administering the tooling in a way that they simply couldn’t before. Our old tooling was clunky, hard to maintain and manage,” Trale said.
### Baked-in security generates faster deploys
One of the biggest benefits of adopting GitLab is the ability to find code issues sooner in the pipeline. When combined with faster pipelines, the teams can now work iteratively to resolve security flaws. The engineering team used to spend at least 60 minutes per integration pipeline run. It would go end-to-end from commit to test, to smoke test, test, deploy, and take an hour. If there was a single error, they would have to rerun the whole process.
“It made people overly cautious about pushing code. And what we really want to do is to make that cycle time as tight as possible and reduce risk associated with any given release of code,” Trale explained. “So GitLab was strategically important for us because it really enabled us to refine this code and build it according to our own quality specifications.”
The team can also rerun specific parts of the pipeline, which was not feasible before. They can focus on the part of the continuous integration pipeline that might be failing, without having to restart. “Speed matters … now it takes about eight minutes to run a pipeline. That eight minutes is massive. That alone would have been meaningful enough for us to consider the switch, the promise of this high-speed continuous integration pipeline,” Trale remarked. On top of that, there is now deeper visibility into audit logs, so they can see what is going on behind the scenes to understand what is contributing to performance degradation.
Using GitLab’s API and security capabilities, the engineering team created a bot that generates merge requests automatically based on outdated packages. The bot scans repos and creates merge requests according to those that need to be updated. Engineers only need to review and approve them in order to then deploy. This automation saves manual cycle time and creates faster security scanning. It’s no longer an individual’s job to spend an additional hour per deploy testing this. “We deploy code multiple times a day … now at least between one to five times a day, new versions of HackerOne are going live to the web. There was at least an hour spent on each of those by an engineer,” Trale described. “Maybe a half hour between two engineers, making sure that the work made sense. I think, conservatively, we’re saving four to five hours a day of energy per engineer by consolidating this work using the tools.”
Prior to GitLab, HackerOne’s deployment cycle was closer to one to two times per day. But with everything in one place, correctly labeled and efficiently organized, PMs and those who manage sprints can now pick what they want to work on. “GitLab is helping us catch these things early — it’s integrating it into the developer’s flow.
Having all the tools in one place has made security scanning and audits an easier process from the team’s previous workflow. “The cost of running security scans in GitLab is significantly lower than it was previously. And so we’re much more inclined to run more thorough scans, faster. Whether that’s on individual packages or even running a suite of security tests. I do think that we’re much more cognizant of it and we’re using GitLab for this purpose,” Trale explained.
The engineering team also built a custom Slack bot that integrates with GitLab and triggers deployments. All deployments are public in the Slack channel, where a lot of work happens for HackerOne. With the integration, they can see deployment status in Slack rather than locating the pipeline or audit log. In cases where the deployment goes wrong, there are 30 people who can help debug in real time. Bringing deployments close to Slack and using GitLab for CI/CD provides easier, faster access to code and security management.
While tool consolidation and deployment speed are priorities that led HackerOne to make the switch, it’s GitLab’s active development that continues to impress team members. GitLab has monthly releases that build upon existing features — such as security — using customer feedback. “The partnership that we have with GitLab is ever deepening. Whereas some of these other tools that we evaluated didn’t have that strength of development, that sort of momentum that GitLab has,” Trale said. “The monthly cadence speaks to this — new features arrive frequently that we can take advantage of. That active development is a contemporary mindset that GitLab has, which is appealing to us.”
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# CI/CD: The ticket to multicloud
[Blog](/blog/)
[Insights](/blog/categories/insights/)
CI/CD: The ticket to multicloud
Published on: January 17, 2020
4 min read
CI/CD: The ticket to multicloud
===============================
Read our expert panel from MulticloudCon on how CI/CD and cloud-agnostic DevOps help organizations go multicloud and increase productivity.

 [Chrissie Buchanan](/blog/authors/cbuchanan/)
[CI/CD](/blog/tags/CI_CD/)
[cloud native](/blog/tags/cloud-native/)
[kubernetes](/blog/tags/kubernetes/)
In November 2019, we had the opportunity to co-host [MulticloudCon](https://multicloudcon.io/)
, a zero-day event with our partners at [Upbound](https://upbound.io/)
. The event featured experts in cloud, Kubernetes, database resources, CI/CD, security, and more, to learn how [multicloud is evolving](/topics/multicloud/)
and empowering developers and operations experts across the industry.
DevOps can play a major role in cloud usage. In this discussion from MulticloudCon, we assembled a panel of experts across the industry to talk about [CI/CD](/features/continuous-integration/)
and DevOps in multiple clouds. As [multicloud](/topics/multicloud/)
technology continues to evolve, tools can give organizations more control and flexibility on where their workloads live and where they deploy.

Panel highlights[](#panel-highlights)
--------------------------------------
### Why multicloud is important:[](#why-multicloud-is-important)
> “If we have a single point of failure on a cloud, it is really easy to have some downtime \[or\] an outage and be like, "Well, it was my cloud provider's fault." But, to our customers, that doesn't matter. You as a company, we're down and that affects them.” – Ana Medina, Chaos Engineer at [Gremlin](https://www.gremlin.com/)
> “There are a lot more applications now that are becoming event-driven and are relying on integrations with cloud providers. And if it's more than one, you can't just test on one provider and go well it works across the board. You need to be expanding your test coverage to cover multiple cloud providers.” – Denver Williams, DevOps/SRE Consultant at [Vulk Coop](http://vulk.coop/)
### The challenges of multicloud:[](#the-challenges-of-multicloud)
> “When you're running in multiple clouds, that also introduces problems… I'm talking more specifically about high availability and also fault tolerance and then disaster recovery. These are things people just think about, ‘Oh we need to connect, integrate.’ But at the end of the day, if you're serious about running these applications, you need to also think about those things. And introducing those complexities from the different cloud providers will definitely impact your operations.” – Angel Rivera, Developer Advocate at [CircleCI](https://circleci.com/)
### How tools impact a multicloud strategy:[](#how-tools-impact-a-multicloud-strategy)
> “One thing that helps a lot when you're working on deploys for multicloud is to choose tooling that is going to support multiple clouds off the bat… One thing you really want to avoid, if possible, is ending up with different workflows for different cloud providers. Because then you're testing with different CI/CD pipelines. It's different code and it's inevitably going to behave differently. And then you're going to run into weird bugs.” – Denver Williams
> “When I'm talking to users and GitLab customers that are doing multicloud, they're doing a lot of orchestration and abstraction, and they're having to write an abstraction layer in order to homogenize a logic. A lot of folks have talked about Crossplane today. When I see these types of capabilities and Crossplane in that community emerging, that's pretty exciting because that's what I see a lot of folks writing all the time. That can just be pulled out into a tool and offloaded so that you can focus on the business logic.” – [William Chia](/company/team/#williamchia)
> , Sr. Product Marketing Manager at GitLab
Learn more about GitLab’s Crossplane integration in our [12.5 release](/releases/2019/11/22/gitlab-12-5-released/#crossplane-support-in-gitlab-managed-apps)
.
### CI/CD and multicloud best practices:[](#cicd-and-multicloud-best-practices)
> “There's always going to be platform-specific code. Just keep that separate and then your actual YAML logic, keep it agnostic.” – Uma Mukkara, Co-founder and COO at [MayaData](https://mayadata.io/)
> “At Gremlin we help companies avoid downtime. So, we're starting to work with integrations with CI/CD platforms so folks actually start having a stage that they run chaos engineering experiments... You can actually build a lot more testing around past outages that your company has had or maybe some of the large outages that we've seen around in the industry. Building testing around those scenarios, \[we’re\] making sure the caching layers are able to handle when one of your services goes down... If you're caching layer limits out, the other services that are dependent on it are able to still continue providing a good user experience.” – Ana Medina
> “I always encourage people who are writing pipelines in our platform to do some checks against APIs that they use so that they can just fail their builds right away, instead of wasting money and effort and going to build that. It's going to eventually fail.” – Angel Rivera
Multicloud is made possible through cloud native applications built from containers using services from different cloud providers, and allows for multiple services to be managed in one architecture. CI/CD plays a big role in workflow portability, ensuring workflows stay consistent (no matter where projects are deployed).
Watch the full panel discussion below.
Photo by [Marc Wieland](https://unsplash.com/photos/zrj-TPjcRLA?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText)
on [Unsplash](https://unsplash.com/search/photos/clouds?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText)
[Insights\
\
\
\
#### 3 surprising findings from our 2024 Global DevSecOps Survey\
\
Read the blog](/blog/2024/06/25/3-surprising-findings-from-our-2024-global-devsecops-survey/)
[Insights\
\
\
\
#### How we overhauled GitLab navigation\
\
Read the blog](/blog/2023/08/15/navigation-research-blog-post/)
[Insights\
\
\
\
#### Beautifying our UI: Giving GitLab build features a fresh look\
\
Read the blog](/blog/2023/07/05/beautifying-of-our-ui/)
### We want to hear from you
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum. [Share your feedback](https://forum.gitlab.com/new-topic?title=GitLab%20account%20security:%20Verify%20your%20information%20for%20enhanced%20protection&body=&tags=blog-feedback)
See what your team could do with a unified DevSecOps Platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)
Find out which plan works best for your team
[Learn about pricing](/pricing/)
Learn about what GitLab can do for your team
[Talk to an expert](/sales/)
---
# Continuous Software Compliance | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Advanced SAST now available. Learn more](https://about.gitlab.com/blog/2024/09/19/gitlab-advanced-sast-is-now-generally-available/)
Continuous Software Compliance
------------------------------
Build in compliance for less risk and greater efficiency
[Start your free trial](https://gitlab.com/-/trials/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)
[Questions? Contact us](/sales/)

Software compliance is no longer just about checking boxes.
Cloud native applications present entirely new attack surfaces via containers, orchestrators, web APIs, and other infrastructure-as-code. These new attack surfaces, along with complex DevOps toolchains, have resulted in notorious software supply chain attacks and led to new regulatory requirements. Continuous software compliance is becoming a critical way to manage risk inherent in cloud native applications and DevOps automation - beyond merely reducing security flaws within the code itself.

Compliance. Security. Simplified.
---------------------------------

###
Confidence with every commit
License compliance and security scans automatically happen with every committed code change.
###
Compliance pipelines for ensuring enforcement
Ensure that important policies are enforced — whether it’s standard regulatory controls or your own policy framework.
###
Simplify audits
Automated policies simplify audits with visibility and traceability.
###
All in one place
With GitLab, you have one application to manage. No silos, and nothing lost in translation.
One DevOps platform for compliance
----------------------------------
### Built-in controls
Software compliance can be difficult when it is disconnected from the software development process. Organizations need a compliance program that is built-in, not bolted-on, to their existing workflows and processes. Learn more by downloading the [Guide to Software Supply Chain Security](https://page.gitlab.com/resources-ebook-modernsoftwarefactory.html)
### Policy automation
Compliance guardrails allow rapid software development while reducing risk of non-compliance and of project delays. Auditing is simplified by having everything in one place.
### Shift compliance left
Just as you want to find and fix security flaws early, it’s most efficient to do the same with compliance flaws. Ensuring compliance is integrated into development enables compliance to shift left also
### Compliance frameworks
Easily apply common compliance settings to a project with a label.
Simplify continuous software compliance
---------------------------------------
GitLab's compliance management capabilities aim to create an experience that's simple, friendly, and as frictionless as possible by enabling you to define, enforce and report on compliance policies and frameworks.
### Policy Management
Define rules and policies to adhere to compliance frameworks and common controls.
[Learn More](https://docs.gitlab.com/ee/administration/compliance.html)
### Compliant Workflow Automation
Compliance automation helps you enforce the defined rules and policies and separation of duties while reducing overall business risk.
[Learn More](https://docs.gitlab.com/ee/administration/compliance.html#compliant-workflow-automation)
### Audit Management
Log activities throughout your DevOps automation to identify incidents and prove adherence to compliance rules and defined policies. Visibility is greater with one platform and no toolchain silos.
[Learn More](https://docs.gitlab.com/ee/administration/compliance.html#audit-management)
### Security testing and vulnerability management
Ensure security scanning and license compliance for every code change and allow DevOps engineers and security pros alike to track and manage vulnerabilities.
[Learn More](https://about.gitlab.com/solutions/security-compliance/)
### Software Supply Chain Security
Manage the end-to-end attack surfaces of cloud native applications and DevOps automation — beyond traditional application security testing.
[Learn More](https://about.gitlab.com/direction/supply-chain/)

Resources
---------
[View all resources](/resources/)
* * *
[Blog\
\
 \
\
### GitLab Advanced SAST is now generally available\
\
Learn more](https://about.gitlab.com/blog/2024/09/19/gitlab-advanced-sast-is-now-generally-available/)
Video

### Compliant pipelines
Watch now
[Blog\
\
 \
\
### Three things you may not know about GitLab security\
\
Learn more](https://about.gitlab.com/blog/2021/11/23/three-things-you-might-not-know-about-gitlab-security/)
[Webinar\
\
 \
\
### Secure your software supply chain\
\
Learn more](https://www.youtube.com/watch?v=dZfS4Wt5ZRE)
[Ebook\
\
 \
\
### Software Supply Chain Security\
\
Learn more](https://learn.gitlab.com/devsecops-aware/software-supply-chain-security-ebook)
[Case study\
\
 \
\
### Chorus case study\
\
Learn more](/customers/chorus/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Curve | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Curve
 + 
Fintech innovator Curve counts on the GitLab platform
=====================================================
Built-in security
Toolchain simplification
Huge cost savings

Industry Financial Services
Employees 500
Location London, United Kingdom
Solution
[GitLab Ultimate](/pricing/ultimate)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
GitLab's improved continuous integration and delivery (CI/CD), security scans, project management, and auditability are driving innovation at the fintech startup.
Before we moved to GitLab there was a big burden on operation teams. It was a battle to enable developers to effectively do their jobs. The obvious choice was to have everything in one place and well-contained through a single pane of glass.
\- Ed Shelton, Site Reliability Engineer, Curve
### Fintech innovator
[Curve](https://www.curve.com/en-gb/)
is a fintech platform that has gone live in over 31 markets across the UK and European Economic Area and is imminently expanding into the US. Curve combines your credit cards, debit cards, and loyalty cards in one. You can even add receipts. So it’s the only card you need to carry. And the only pin you need to remember. Also known as over-the-top payment servicing, this new model of financial and payment services is enabled by Curve’s commitment to product innovation through advanced software engineering.
### Fragmented toolchain reducing productivity and results
The early days of programming at Curve saw team members working mainly in PHP. As efforts advanced, teams evolved to embrace new languages, including Golang, Kotlin, Swift, and NodeJS. However, a fragmented toolchain led to difficult integration of software components, and poor visibility into development processes. There was a black box element to builds that made it difficult to identify and fix issues. Resource overhead required for administering and supporting a wide variety of software tools threatened teams’ abilities to meet productivity objectives. Pressures were further heightened by the need to ensure optimal security, Payment Card Industry (PCI) compliance, and reporting in fintech – which is a high-profile industry with continually evolving regulations.
The task of streamlining DevOps did not become less difficult as additional developers joined. Curve looked to simplify development and streamline operations to support the growth of their team. “It was a battle to enable developers to actually do their jobs efficiently. The obvious choice was to have everything in one place and well-contained on a single pane of glass,” said Ed Shelton, Site Reliability Engineer at Curve.
### One DevOps platform that ensures compliance and increases efficiency
Curve engineers used GitLab to attain standardized continuous integration and continuous delivery (CI/CD) pipeline processes. As part of that, the team has gained greater control of templating issues that had stymied progress. Among the early advantages achieved with GitLab’s implementation was the ability to quickly onboard new engineers, simply by granting them access to GitLab and getting them logged in. No need to create accounts for 5+ services and generate personal access tokens for each one — just use GitLab. Developers were “good to go” on their first day.
Improvements in security included use of GitLab’s security scanning for quick visibility into vulnerabilities in both new and older code. Reports now detect vulnerabilities in individual jobs automatically, and prevent risky changes from inadvertently making it to production. Meanwhile, maintenance time devoted to CI/CD has dramatically reduced. New releases can be quickly rolled out or rolled back. New initiatives can be taken on quickly without worrying about dedicating developer resources to gluing together disparate systems.
### DevOps platform delivering better code and empowering developers
Use of GitLab Ultimate at Curve has vastly improved CI/CD efforts, garnered significant security benefits, eased templating, and streamlined project management and auditability. Builds that run more quickly have been beneficial, allowing programmers to focus on programming. With GitLab, Curve teams effortlessly achieved PCI compliance. GitLab dashboards now highlight vulnerabilities that could compromise security. Along with this come advances in templating that support standardization and greater governance for the organization. The result has been highly performant pipeline operations, and reduced time-to-release. Curve teams have seen an approximately 50% reduction in the time it takes for pipeline deployment.
GitLab’s benefits as a project management tool are several. It is used for the full development life cycle — covering all the repositories and the software development itself, including product development, code reviews, and tracking external partners as well. Boards, milestones, and epics are particularly useful in the context of fintech requirements. Platform capabilities support creation of audit trails that mark activity on services, noting where a change comes from, how the change manifested, and how changes are actually implemented. Being able to track how services evolve is crucial in this industry. Previously, finding out how something made it into production was difficult.
By having the full software development lifecycle visible in one place, Curve has clear visibility into how developers are working and where the bottlenecks may be. The ability to roll out a new feature with agility, or just do a comprehensive bug search, has been a big win for modernization. Where there has been a need to roll out state-wide changes, teams have been able to employ the GitLab API and make these changes easily and effectively. Finally, the GitLab open-source ethos maps closely with Curve’s development philosophy. GitLab community forums always provide a preview of upcoming features and their status, and such transparency aids in planning, engineer Ed Shelton indicated. The comprehensive documentation resources empower developers to self-serve, and frees up their time to focus on code. GitLab supports this fintech innovator’s rapid growth with full compliance and increased operational efficiency.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Bendigo and Adelaide Bank | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Bendigo and Adelaide Bank
 + 
Learn how GitLab is accelerating DevOps at Bendigo and Adelaide Bank
====================================================================
Simplified toolchain complexity
Multi cloud deployments
Decreased operational costs

Industry Financial Services
Employees 7,000
Location Bendigo, Australia
Solution
[GitLab Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
4 weeks to rapid migration
* * *
3 to 1 tool simplification (GitLab replaces GitHub, Jenkins and Checkmarx)
* * *
32 apps in 30 days
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
Discover how the move from GitHub to GitLab advanced its cloud journey, increased efficiency, and reduced operating costs.
We now have an always-innovating solution that aligns with our goal of digital transformation.
\- Caio Trevisan, Head of DevOps Enablement, Bendigo and Adelaide Bank
### One of Australia’s most trusted banks
As Australia’s better big bank, [Bendigo and Adelaide Bank](https://www.bendigoadelaide.com.au/)
is community-focused and dedicated to supporting its customers by ensuring fairness and equity in its pricing. Committed to its customers and communities, Bendigo and Adelaide Bank has delivered high-quality customer service for over 160 years, maintaining its values of teamwork, integrity, performance, engagement, leadership, and passion. In 2019, the bank announced a multi-year transformation strategy focused on reducing complexity and investing in digital transformation.
### Existing solution had high operational costs and complex tooling
The team at Bendigo and Adelaide Bank experienced a few challenges with their GitHub on-premise solution. They needed significant operational resources and heavy engineering to maintain their GitHub instance. Compounding the challenge was their reliance on other tools for CI/CD and security, and the team struggled with a complex toolchain. The lack of a single source of truth meant team members were unable to have full visibility in the software development lifecycle and tracking metrics became difficult. Understanding that continual operational support for an on-premise solution was unsustainable, Bendigo and Adelaide Bank sought a SaaS solution that would offer a robust platform. In addition, the bank was focused on a solution that would align with its strategic objectives of reducing complexity, support agility and promote continuous innovation.
### A single solution accelerates business transformation
The team used GitHub only for source code management and relied on other tools to complement its software development practices. In search of a solution, the team hoped to find a tool that would decrease toolchain complexity and create a centralised location to find information. The team initially assessed GitHub as a SaaS solution, but they didn’t see all the features they needed to meet their goals.
Continuing their search, the team was impressed with GitLab, believing it to be a comprehensive solution to increase operational efficiency, create a single source of truth, and simplify tooling. The team turned to GitLab to manage runners, support Kubernetes, and use security features, such as SAST, container security, and secrets management. “By reducing the number of tools, we have lower maintenance costs, since we don’t need to spend money for on-prem instances and physical servers. We were able to shift to SaaS easily with GitLab. We’ve also avoided the cost of upgrading legacy systems and patching.Using GitLab, we’ve removed complexity from our tech stack, and now we’re more agile. Overall, everyone likes GitLab. It improves our time to market.” said Caio Trevisan, Head of DevOps Enablement.
The team uses GitLab to implement elevated permissions to control access to projects to require code reviews before merging. “GitLab makes privilege and access management easy. We also now have visibility and observability by using infrastructure as code,” shared Caio. Using CI pipelines, it’s easier for the team to analyse an application and have end-to-end visibility when doing deep analyses. Infrastructure as code has also helped the team have better reverting capabilities and governance.
### Increased cloud computing and operational efficiency
In migrating to GitLab, the team moved 1,500 projects, over 30 organizations, 500 users, and 50GB of data in four weeks. The team is now rapidly progressing towards meeting the corporate goal to move 50% of its applications to the cloud in three to five years. Accelerating business transformation is an important part in managing costs and maintaining sustainable growth.
With GitLab, the team has embraced cloud technology and has automated manual processes. “GitLab helps us with multi cloud deployments. We can deploy runners in any infrastructure, and we’re currently using them to deploy to AWS and GCP. Deploying to the cloud has been simple, and in the year we’ve been using GitLab, we’re in a good position to meet our goal of moving to the cloud,” explained Caio. The team’s CI runners are deployed everywhere, and team members appreciate that they always scale.
Since using GitLab, the team has experienced increased communication. “With merge requests and code review capabilities, we’re able to collaborate more. Everyone knows that GitLab is our central tool, so we have a single source of truth where everyone can discuss projects,” said Caio. With tooling simplification, the team has not only streamlined its workflow but also improved productivity. The organisation has seen an added benefit of attracting new talent to Bendigo and Adelaide Bank, since software professionals want to use market leading technology to innovate. The company is well-known for its ambitious growth and transformation strategy, and by simplifying technology, the Bank has become more innovative and agile in responding to their customers’ needs.
The team has observed that GitLab has helped with onboarding new hires. By only having to learn one tool, with useful templates, new hires have been able to push code on their second day. The team has created an internal training service called “DevOps Academy,” which onboards new developers to the simplified tech stack in one week. As an open source project, DevOps Academy uses GitLab to teach team members their development workflow.
The team is looking forward to embracing GitLab features more deeply by moving away from Jenkins for CD and using GitLab to identify and track metrics. Reflecting on the move to GitLab, Caio shared, “We’ve been getting good feedback about GitLab from other teams. The team is really jumping into it and learning how to use it. Our workflow is more streamlined and efficient, and we’re accelerating business transformation.” In migrating to GitLab, the team moved 1,500 projects, over 30 organisations, 500 users, and 50GB of data in less than four weeks. GitLab represents the bank’s commitment to achieving its strategic objectives by reducing complexity, investing in new capabilities, accelerating its cloud journey to shape its vision to be Australia’s bank of choice.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# What is GitOps?
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Topics](/topics/)
GitOps
What is GitOps?
===============
* * *
GitOps is an operational framework that takes DevOps best practices used for application development such as version control, collaboration, compliance, and CI/CD, and applies them to infrastructure automation.
[Download the GitOps Ebook Now](https://page.gitlab.com/resources-ebook-beginner-guide-gitops.html)
What is GitOps?
---------------
[](#what-is-git-ops)
While much of the software development lifecycle has been automated, infrastructure has remained a largely manual process that requires specialized teams. With the demands made on today’s infrastructure, it has become increasingly crucial to implement infrastructure automation. Modern infrastructure needs to be elastic so that it can effectively manage cloud resources that are needed for continuous deployments.
Modern and cloud native applications are developed with speed and scale in mind. Organizations with a mature DevOps culture can deploy code to production hundreds of times per day. DevOps teams can accomplish this through development best practices such as version control, code review, and CI/CD pipelines that automate testing and deployments.
GitOps is used to automate the process of provisioning infrastructure, especially modern cloud infrastructure. Similar to how teams use application source code, operations teams that adopt GitOps use configuration files stored as code (infrastructure as code). GitOps configuration files generate the same infrastructure environment every time it’s deployed, just as application source code generates the same application binaries every time it’s built.
How do teams put GitOps into practice?
--------------------------------------
[](#how-do-teams-put-git-ops-into-practice)
GitOps is not a single product, plugin, or platform. There is no one-size-fits-all answer to this question, as the best way for teams to put GitOps into practice will vary depending on the specific needs and goals of the team. However, some tips on how to get started with GitOps include using a dedicated GitOps repository for all team members to share configurations and code, automating the deployment of code changes, and setting up alerts to notify the team when changes occur.
GitOps requires three core components:
### IaC:[](#iac)
GitOps uses a [Git repository](/blog/2020/11/12/migrating-your-version-control-to-git/)
as the single source of truth for infrastructure definitions. Git is an open source version control system that tracks code management changes, and a Git repository is a .git folder in a project that tracks all changes made to files in a project over time. [Infrastructure as code (IaC)](/topics/gitops/infrastructure-as-code/)
is the practice of keeping all infrastructure configuration stored as code. The actual desired state may or may not be not stored as code (e.g., number of replicas or pods).
### MRs:[](#mrs)
GitOps uses merge requests (MRs) or pull requests (PRs) as the [change mechanism](/blog/2020/10/13/merge-request-reviewers/)
for all infrastructure updates. The MR or PR is where teams can collaborate via reviews and comments and where formal approvals take place. A merge commits to your main (or trunk) branch and serves as an audit log or audit trail.
### CI/CD:[](#cicd)
GitOps automates infrastructure updates using a Git workflow with [continuous integration and continuous delivery (CI/CD)](/topics/ci-cd/)
. When new code is merged, the CI/CD pipeline enacts the change in the environment. Any configuration drift, such as manual changes or errors, is overwritten by GitOps automation so the environment converges on the desired state defined in Git. GitLab uses CI/CD [pipelines](/blog/2020/12/02/pre-filled-variables-feature/)
to manage and implement GitOps automation, but other forms of automation, such as definitions operators, can be used as well.
GitOps challenges
-----------------
[](#git-ops-challenges)
With any collaborative effort, change can be tricky and GitOps is no exception. GitOps is a process change that will require discipline from all participants and a commitment to doing things in a new way. It is vital for teams to write everything down.
GitOps allows for greater collaboration, but that is not necessarily something that comes naturally for some individuals or organizations. A GitOps approval process means that developers make changes to the code, create a merge request, an approver merges these changes, and the change is deployed. This sequence introduces a “change by committee” element to infrastructure, which can seem tedious and time-consuming to engineers used to making quick, manual changes.
It is important for everyone on the team to record what’s going on in merge requests and issues. The temptation to edit something directly in production or change something manually is going to be difficult to suppress, but the less “cowboy engineering” there is, the better GitOps will work.
GitOps benefits
---------------
[](#git-ops-benefits)
There are many benefits of GitOps, including improved efficiency and security, [a better developer experience](https://about.gitlab.com/topics/devops/what-is-developer-experience/)
, reduced costs, and faster deployments.
With GitOps, organizations can manage their entire infrastructure and application development lifecycle using a single, unified tool. This allows for greater collaboration and coordination between teams and results in fewer errors and faster problem resolution.
In addition, GitOps can help organizations take advantage of containers and microservices and maintain consistency across all their infrastructure — from Kubernetes cluster configurations and Docker images to cloud instances and anything on-prem.
What is the difference between GitOps and DevOps?
-------------------------------------------------
[](#what-is-the-difference-between-git-ops-and-dev-ops)
There are a few key differences between GitOps and DevOps. For one, GitOps relies heavily on automation and tooling to manage and deploy code changes, while DevOps focuses more on communication and collaboration between teams. Additionally, GitOps is typically used in conjunction with containerization technologies like Kubernetes, while DevOps can be used with any type of application.
GitOps is a branch of DevOps that focuses on using Git code repositories to manage infrastructure and application code deployments. The main difference between the two is that in GitOps, the Git repository is the source of truth for the deployment state, while in DevOps, it is the application or server configuration files.
What is a GitOps workflow?
--------------------------
[](#what-is-a-git-ops-workflow)
A GitOps workflow refers to a systematic and version-controlled approach to infrastructure and application management. Imagine it as treating your system operations with the same rigor you expect from your codebase. In GitOps, Git repositories serve as the single source of truth for system and infrastructure configurations.
Changes to configurations are made through pull requests, ensuring peer reviews and audit trails for updates. Automated tools implement these changes, allowing for consistent and reproducible deployments. This methodology enables high velocity, empowers collaboration among team members, and heightens operational efficiencies through clear documentation and traceability.
### Key components of a GitOps workflow[](#key-components-of-a-gitops-workflow)
A GitOps workflow is built around four fundamental components, each playing a vital role in streamlining the deployment and management of applications.
**1\. Git Repository:** This serves as the foundational element, acting as the central source of truth for both the application's code and its configuration. By storing all critical information in the Git repository, teams ensure consistency and transparency across the development lifecycle.
**2\. Continuous Delivery (CD) Pipeline:** The CD pipeline automates the processes of building, testing, and deploying the application. It bridges the gap between code development and deployment, facilitating a smooth transition from development to production environments while ensuring that the application meets quality standards.
**3\. Application Deployment Tool:** This tool takes charge of deploying the application into the desired environment. It handles the orchestration and management of application resources, ensuring that the application is deployed correctly and efficiently according to the configurations defined in the Git repository.
**4\. Monitoring System:** Essential for maintaining application health, the monitoring system keeps a vigilant eye on application performance. It gathers data and provides the development team with actionable insights and feedback, enabling them to make informed decisions and quickly address any issues that may arise.
Together, these components create a cohesive GitOps workflow that not only enhances the efficiency and reliability of application deployments but also aligns with modern DevOps practices by emphasizing automation, monitoring, and continuous improvement.
What makes GitOps work?
-----------------------
As with any emerging technology term, GitOps isn’t strictly defined the same way by everyone across the industry. GitOps principles can be applied to all types of infrastructure automation including VMs and containers, and can be very effective for teams looking to manage Kubernetes-based infrastructure. While many tools and methodologies promise faster deployment and seamless management between code and infrastructure, GitOps differs by focusing on a developer-centric experience. Infrastructure management through GitOps happens in the same version control system as the application development, enabling teams to collaborate more in a central location while benefiting from Git’s built-in features.
On this page
[What is GitOps?](#what-is-git-ops)
[How do teams put GitOps into practice?](#how-do-teams-put-git-ops-into-practice)
[GitOps challenges](#git-ops-challenges)
[GitOps benefits](#git-ops-benefits)
[What is the difference between GitOps and DevOps?](#what-is-the-difference-between-git-ops-and-dev-ops)
[What is a GitOps workflow?](#what-is-a-git-ops-workflow)
Related Resources
-----------------
[Next step\
\
 \
\
### Learn how GitLab streamlines GitOps workflows\
\
Learn more](/solutions/gitops/)
[Next step\
\
 \
\
### What does infrastructure as code mean?\
\
Learn more](/topics/gitops/infrastructure-as-code/)
[Next step\
\
 \
\
### Why GitLab’s collaboration technology is critical for GitOps\
\
Learn more](/topics/gitops/gitops-gitlab-collaboration/)
[Next step\
\
 \
\
### How teams use GitLab and Terraform for infrastructure as code\
\
Learn more](/topics/gitops/gitlab-enables-infrastructure-as-code/)
[Next step\
\
 \
\
### Multicloud deployment for GitOps using GitLab\
\
Learn more](/topics/gitops/gitops-multicloud-deployments-gitlab/)
[Next step\
\
 \
\
### The benefits of GitOps workflows\
\
Learn more](/topics/gitops/gitops-best-practices/)
[Next step\
\
 \
\
### What is a GitOps workflow?\
\
Learn more](/topics/gitops/gitops-workflow/)
Video

### What is GitOps? Why is it important? How can you get started?
Watch now
Video

### Using GitLab for GitOps to break down silos and encourage collaboration
Watch now
[Webcast\
\
 \
\
### \[Expert Panel Discussion\] GitOps: The Future of Infrastructure Automation\
\
Learn more](/why/gitops-infrastructure-automation/)
[Webcast\
\
 \
\
### Managing infrastructure through GitOps with GitLab and Anthos\
\
Learn more](/webcast/gitops-gitlab-anthos/)
[Webcast\
\
 \
\
### GitLab and HashiCorp - A holistic guide to GitOps and the Cloud Operating Model\
\
Learn more](/webcast/gitlab-hashicorp-gitops/)
[Webcast\
\
 \
\
### Automating cloud infrastructure with GitLab and Terraform\
\
Learn more](/webcast/gitops-gitlab-terraform/)
[Book\
\
 \
\
### A beginner's guide to GitOps\
\
Learn more](https://page.gitlab.com/resources-ebook-beginner-guide-gitops.html)
Suggested Content
-----------------
[View all resources](/resources/)
* * *
[Web\
\
 \
\
### How to use GitLab and Ansible to create infrastructure as code\
\
Learn more](/blog/2019/07/01/using-ansible-and-gitlab-as-infrastructure-for-code/)
[Web\
\
 \
\
### Optimize GitOps workflow with version control from GitLab\
\
Learn more](/blog/2019/10/28/optimize-gitops-workflow/)
[Web\
\
 \
\
### Why GitOps should be the workflow of choice\
\
Learn more](/blog/2020/04/17/why-gitops-should-be-workflow-of-choice/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Cloud Native for Business | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
Cloud Native for Business
=========================
GitLab is the easiest way to build Cloud Native Applications
[Start your free trial](https://gitlab.com/-/trials/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)
[Questions? Contact us](/sales/)

[Cloud native](/topics/cloud-native/)
applications use containers, microservices architecture, and container orchestration like Kubernetes. GitLab is designed for cloud native applications with tight [Kubernetes integration](/solutions/kubernetes/)
.
Businesses are shifting from traditional deployment models to cloud native applications in order to gain speed, reliability and scale.
Learn more about how GitLab can power your cloud native development.
[Learn more](/topics/cloud-native/)
* * *
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Developer Experience | GitLab
[\
\
AI-driven DevSecOps.\
\
New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
Developer experience
Happier developers, better results
==================================
Boost productivity and create an environment of transparency and collaboration to drive results, faster.
[Talk to sales](/sales/)

When developers win, everyone wins
----------------------------------
Great developer experience means removing obstacles so developers can onboard quickly and start adding value right away — helping organizations accelerate innovation, enhance efficiency, and attract top talent.
Faster time to market
When developers can drop into a new code base and become productive right away, that doesn’t just mean faster releases — it means faster delivery of value to customers.
Secure by default
By breaking down barriers between development and security, teams can identify vulnerabilities earlier and are less likely to have to decide between fixing vulnerabilities and releasing on time.
Improved retention
Working with a fragile network of interconnected tools isn’t a great experience. Reducing that friction in developers’ day-to-day results in higher job satisfaction and retention of skilled talent.
More satisfied customers
When developers are shipping higher-quality, more secure code more often, that translates directly into customer value and higher customer satisfaction
For the business, it's important we have GitLab. When we are able to tell a customer we can deliver faster than one of our competitors can, they’re far more likely to sign up with us. **Time to market is critical to sales and it makes our customers happier.**
Cathy He
Engineering Manager , Airwallex
[Read the study](/customers/airwallex/)
Fragmented tooling and siloed workflows create a poor developer experience
--------------------------------------------------------------------------
In GitLab’s [2023 Global DevSecOps Survey](/developer-survey)
:
69%
of developers said that at least a quarter of their responsibilities involve integrating and/or maintaining their DevOps toolchain
#### Boost productivity and efficiency
### Out-of-the-box pipeline templates and automation
From built-in CI/CD pipeline templates to automatic code testing, a single platform for software delivery enables developers to focus on building high-quality applications, without context-switching.
Learn More
### AI throughout the software development lifecycle
Developers do more than write code. When AI is integrated throughout the development process, it can accelerate every aspect of a developer’s day, from understanding code to fixing security vulnerabilities.
Learn More
### Remote development workspaces
On-demand, cloud-based workspaces let developers get started quickly — without having to spend time configuring and maintaining a local development environment.
Learn More
#### Increase transparency and visibility
### Shared issues, project boards, and roadmaps
With everyone in the same platform, developers stay in the loop on strategy and scope and better understand the business value of their work — enabling more efficient planning, building, testing, securing, deployment, and monitoring of code.
Learn more
### Application insights and monitoring
Error tracking and incident management allow developers to get visibility into application errors or disruptions, all in the same place where they develop code, making the code base easier to maintain.
Learn more
### Productivity and efficiency (DORA) metrics
GitLab is the only platform that provides native support for DORA4 measurement on team throughput and stability, helping engineering leaders identify and address areas where manual tasks and other barriers are making developers' jobs harder.
Learn more
#### Ship with speed and security
### Built-in security scanners
Security scanners integrated into CI/CD pipelines — including SAST, DAST, secret scanning, and more — enable developers to collaborate more effectively with security teams to find and fix security flaws sooner in the development process.
Learn more
### Vulnerability reports
Developers can identify and resolve vulnerabilities in their natural workflow, and security teams can vet, triage, and manage vulnerabilities, all in one place.
Learn more
### API security testing
By identifying API vulnerabilities before they make it to production, developers and security teams can work together to make APIs safer and reduce security risks.
Learn more

"I was looking to free up the hands of my DevOps engineers … I wanted them to focus on the things that actually matter — how we produce code, how we properly deploy code. We could do that with a platform."
\>98%
decrease in build queue time
3,000 hours
hours of developer time saved per quarter

Nadav Robas
DevOps & DevSecOps Manager, Agoda
[Read the study](/customers/agoda/)
\>98%
decrease in build queue time
3,000 hours
hours of developer time saved per quarter
* * *
[Report Series\
\
\
\
### 2023 Global DevSecOps Report Series\
\
Read More](/developer-survey/)
[Ebook\
\
\
\
### The Ultimate Playbook for High-Performing DevSecOps Teams\
\
Download the ebook](https://page.gitlab.com/ebook-playbook-high-performing-devsecops-teams.html)
[Report\
\
\
\
### The Forrester Wave™ for Integrated Software Delivery Platforms\
\
Read More](https://page.gitlab.com/forrester-wave-integrated-software-delivery-platforms-2023.html)
Ready to get started?
---------------------
See what your team can do with the most comprehensive AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/)
[Talk to sales](/sales/)
---
# GitLab Dedicated | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
GitLab Dedicated
================
GitLab Enterprise DevSecOps Platform as a single-tenant SaaS deployment
[Contact sales](/sales/)

* [Overview](#overview)
* [Benefits](#benefits)
* [Customers](#customers)
* [Analysts](#analysts)
* [Resources](#resources)
A single-tenant DevSecOps platform
----------------------------------
### The flexibility and efficiency of a SaaS solution
GitLab fully manages and deploys the DevSecOps platform in a region of your choice, enabling you to focus on achieving speed, agility, and efficiencies
### The control and compliance of a self-hosted solution
GitLab Dedicated enables you to meet complex compliance standards by offering full data and source code IP isolation, data residency, and private networking

An enterprise DevSecOps platform with no maintenance overhead
-----------------------------------------------------------------
###
Fully managed and deployed by GitLab
Zero platform maintenance overhead with access to the latest software versions and security updates
###
High availability and scalability
Cloud native architecture with support of up to 50K users and disaster recovery plan to meet your specific needs
###
Full control over your data
Bring your own key to encrypt data stored in GitLab
###
Data residency in your region of choice
[AWS regions](https://docs.gitlab.com/subscriptions/gitlab_dedicated/data_residency_and_high_availability/#available-aws-regions)
supported
###
Full data and source code IP isolation
Meet regulatory and compliance requirements
###
Data protection and security through private networking
Establish secure communications with your DevSecOps platform
###
Comprehensive DevSecOps
All the capabilities of GitLab Ultimate essential for organization-wide security, compliance, and planning in a dedicated deployment model - completely managed by GitLab
### GitLab is trusted by more than 50% of the Fortune 100

> NatWest Group is adopting GitLab Dedicated to enable our engineers to use a common cloud engineering platform; delivering new customer outcomes rapidly, frequently and securely with high quality, automated testing, on demand infrastructure and straight-through deployment. This will significantly enhance collaboration, improve developer productivity and unleash creativity via a 'single-pane-of-glass' for software development."
**Adam Leggett** Platform Lead - Engineering Platforms, NatWest
Read Case Study
### Analysts reports
[GitLab recognized as a Leader in the 2023 Gartner® Magic Quadrant™ for DevOps Platforms\
\
Read the report](/gartner-magic-quadrant/)
[GitLab recognized as the only Leader in The Forrester Wave™: Integrated Software Delivery Platforms, Q2 2023\
\
Read the report](https://page.gitlab.com/forrester-wave-integrated-software-delivery-platforms-2023.html)
[Read the study](https://page.gitlab.com/resources-study-forrester-tei-gitlab-ultimate.html)
### 427
return on investment
### 12x
increase in number of annual releases
### 87%
improved development and delivery efficiency
### <6
months payback period
[Explore more resources](/resources/)
### Compliant + Flexible: GitLab Dedicated
[Learn more](https://cdn.pathfactory.com/assets/10519/contents/518918/f4c1a71e-7a90-495c-b7e3-eb44bfb423a1.pdf)
### GitLab Dedicated: Single tenant SaaS is generally available
[Learn more](https://about.gitlab.com/blog/2023/06/15/gitlab-dedicated-available/)
### 2023 Global DevSecOps Report Series
[Learn more](/developer-survey/)
[GitLab Dedicated Direction Learn more](/direction/saas-platforms/dedicated/)
[GitLab Dedicated Documentation Learn more](https://docs.gitlab.com/ee/subscriptions/gitlab_dedicated/)
Take GitLab for a spin
----------------------
See what your team could do with The DevSecOps Platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=dedicated&glm_source=about.gitlab.com)
[Talk to an expert](/sales/)
How much is your toolchain costing you?
[ROI calculator](/calculator/roi/)
New to GitLab and not sure where to start?
[Get started guide](/get-started/)
---
# GitLab Advanced SAST is now generally available
[Blog](/blog/)
[Security](/blog/categories/security/)
GitLab Advanced SAST is now generally available
Published on: September 19, 2024
5 min read
GitLab Advanced SAST is now generally available
===============================================
Reduce false positives, shorten remediation time, and improve development velocity with a proprietary solution built into GitLab.

 [Salman Ladha](/blog/authors/2AYyG99S9PBB8PQIJ6aKuq/)
 [Connor Gilbert](/blog/authors/connorgilbert/)
[security](/blog/tags/security/)
[news](/blog/tags/news/)
[features](/blog/tags/features/)
[DevSecOps](/blog/tags/DevSecOps/)
[product](/blog/tags/product/)
We’re excited to announce that our Advanced Static Application Security Testing (SAST) scanner is now generally available for all GitLab Ultimate customers.
Advanced SAST is a new scanner powered by the technology we [acquired from Oxeye](https://about.gitlab.com/blog/2024/03/20/oxeye-joins-gitlab-to-advance-application-security-capabilities/)
earlier this year. It uses a proprietary detection engine with rules informed by in-house security research to identify exploitable vulnerabilities in first-party code. It delivers more accurate results so developers and security teams don’t have to sort through the noise of false-positive results.
Unlike other stand-alone security scanners, Advanced SAST is natively built into the GitLab DevSecOps platform, providing a developer experience free from the overhead that comes with integrating multiple point solutions. Using taint analysis, relevant context is surfaced to help developers remediate vulnerabilities within their existing workflow to maximize development velocity and application security.
This new scanner will work alongside our existing platform capabilities so developers and application security (AppSec) teams have the most comprehensive set of tools to ship more secure software, faster.
Applications are being developed faster but remain vulnerable[](#applications-are-being-developed-faster-but-remain-vulnerable)
--------------------------------------------------------------------------------------------------------------------------------
The pace of application development continues to accelerate, but remains a common attack vector for threat actors. Our recent [Global DevSecOps Report](https://about.gitlab.com/developer-survey/)
found that 66% of companies are releasing software twice as fast — or faster — than in previous years, as businesses strive to deliver more value to their customers than competitors.
However, speed introduces risk. Last year alone, [80% of the top data breaches](https://www.crowdstrike.com/2024-state-of-application-security-report/)
stemmed from attacks at the application layer.
These two data points paint a clear picture: Application security tools must be built into existing developer workflows so businesses can stay competitive and secure.
What are SAST and Advanced SAST?[](#what-are-sast-and-advanced-sast%3F)
------------------------------------------------------------------------
SAST is a [widely adopted method for improving application security](https://about.gitlab.com/developer-survey/)
by scanning first-party source code to identify vulnerabilities, such as SQL injections or cross-site scripting, before they reach production. Unlike its dynamic counterpart, [DAST](https://about.gitlab.com/topics/devsecops/sast-vs-dast/)
, SAST scans code without executing it and is performed early in the software development lifecycle (SDLC). This proactive approach integrates security into the development process from the outset, significantly lowering the risk of future breaches.
> Check out this [step-by-step tutorial](https://about.gitlab.com/blog/2024/10/22/quick-vulnerability-remediation-with-gitlab-advanced-sast-duo-ai/)
> to put Advanced SAST to work in your environment.
### Fewer false positives with contextual remediation[](#fewer-false-positives-with-contextual-remediation)
The integration of Oxeye’s technology into our platform means we’re able to provide a SAST solution AppSec teams can trust, built into the same GitLab platform developers love. Here’s how we’re able to do that and what it means for our customers:
**Less time triaging vulnerabilities and more time launching features**
* Our proprietary detection engine uses cross-function, cross-file taint analysis with rules informed by in-house security research to surface truly exploitable vulnerabilities and improve scan accuracy — that means lower false-positive rates.
**Faster remediation with richer context**
* Advanced SAST helps developers remediate security vulnerabilities by providing important context such as threat details and the path a vulnerability takes through a program. And, it’s integrated with [GitLab Duo Enterprise AI](https://about.gitlab.com/gitlab-duo/)
to help developers understand and resolve vulnerabilities faster. AppSec teams can also scale their expertise by integrating third-party security training right into the GitLab platform.
**Security built into developer workflows**
* _Integrated_ into the SDLC is not the same as _built_ into the SDLC. Advanced SAST is a native component of our platform, ensuring security is incorporated within existing developer workflows. With a unified solution to manage the entire SDLC, developers can identify, prioritize, and remediate vulnerabilities without disrupting their flow.
Here is an example of the findings of an Advanced SAST scan:

What to know about the Advanced SAST rollout[](#what-to-know-about-the-advanced-sast-rollout)
----------------------------------------------------------------------------------------------
If you’re already using GitLab SAST, we want to ensure you have the chance to coordinate the rollout of Advanced SAST.
Here are key points:
* Advanced SAST scanning is available in GitLab 17.3 or newer, but it’s disabled by default so you can choose when to make the switch. You can [enable Advanced SAST](https://docs.gitlab.com/ee/user/application_security/sast/gitlab_advanced_sast.html#configuration)
for [the languages it supports](https://docs.gitlab.com/ee/user/application_security/sast/gitlab_advanced_sast.html#supported-languages)
across projects, groups, or your entire instance.
* GitLab 17.4 includes helpful features that make it easier to switch to Advanced SAST, including a new [vulnerability code flow view](https://docs.gitlab.com/ee/user/application_security/vulnerabilities/#vulnerability-code-flow)
and automatic translation from existing vulnerability records.
* We plan to enable Advanced SAST by default in a future release, no later than GitLab 18.0. We’ll announce the final timeline and details soon.
For the latest updates on how to upgrade to Advanced SAST, check the [Advanced SAST documentation](https://docs.gitlab.com/ee/user/application_security/sast/gitlab_advanced_sast.html)
. We also have a walkthrough in the video below:
What’s next for SAST[](#what%E2%80%99s-next-for-sast)
------------------------------------------------------
Looking ahead, we’re already working on [new features and improvements](https://about.gitlab.com/direction/secure/static-analysis/sast/)
to help teams write more secure software together, faster. We’re particularly focused on:
* **Upgrading more languages to Advanced SAST**, like PHP, Ruby, C, and C++, so more teams can benefit from more accurate vulnerability findings and cross-file, cross-function scanning.
* **Real-time SAST scanning in the IDE**, so developers can write more secure code as they’re programming – before they even commit or push.
* **Incremental scanning**, analyzing only modified code so developers can quickly identify vulnerabilities without waiting on full-repository scans.
> If you’re an existing GitLab Ultimate customer and would like to learn more about how Advanced SAST can help improve your application security program, visit our [Advanced SAST documentation](https://docs.gitlab.com/ee/user/application_security/sast/gitlab_advanced_sast.html)
> where we cover implementation requirements, use cases, and more.
_**Disclaimer:** This blog contains information related to upcoming products, features, and functionality. It is important to note that the information in this blog post is for informational purposes only. Please do not rely on this information for purchasing or planning purposes. As with all projects, the items mentioned in this blog and linked pages are subject to change or delay. The development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab._
[Security\
\
\
\
#### Self-service security alert handling with GitLab's UAM\
\
Read the blog](/blog/2025/03/18/self-service-security-alert-handling-with-gitlabs-uam/)
[Security\
\
\
\
#### Vulnerability risk prioritization made simple with GitLab\
\
Read the blog](/blog/2025/03/12/vulnerability-risk-prioritization-made-simple-with-gitlab/)
[Security\
\
\
\
#### How GitLab measures Red Team impact: The adoption rate metric\
\
Read the blog](/blog/2025/03/05/how-gitlab-measures-red-team-impact-the-adoption-rate-metric/)
### We want to hear from you
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum. [Share your feedback](https://forum.gitlab.com/new-topic?title=GitLab%20account%20security:%20Verify%20your%20information%20for%20enhanced%20protection&body=&tags=blog-feedback)
See what your team could do with a unified DevSecOps Platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)
Find out which plan works best for your team
[Learn about pricing](/pricing/)
Learn about what GitLab can do for your team
[Talk to an expert](/sales/)
---
# Watch the Demo, see what GitLab can do for your team | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
See GitLab in action
====================
Learn how GitLab accelerates software development by streamlining version control, CI/CD, and security in a single application. This demo illustrates how to use GitLab throughout the entire software development lifecycle.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Discover why over 100,000 organizations trust GitLab. This 3-minute demo shows how to:
* Break silos and collaborate across design, dev, test, security, and ops
* Manage priorities using issues and boards
* Simplify code review and automate code quality tests
* Automate unit testing, security testing, and license compliance as part of the CI/CD pipeline
* Implement release controls to regulate what goes to production
* Monitor configured environments
---
# The Zebra | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
The Zebra
 + 
How The Zebra achieved secure pipelines in black and white
==========================================================
Enhanced CI/CD
Less software maintenance
Improved developer workflow

Industry Technology
Employees 350
Location Austin, TX
Solution
[GitLab Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
66% fewer tools
* * *
2x faster deployments
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
The Zebra, an online insurance comparison site, adopted GitLab for SCM, CI/CD, and SAST and DAST.
The biggest value (of GitLab) is that it allows the development teams to have a greater role in the deployment process. Previously only a few people really knew how things worked, and now pretty much the whole development organization knows how the CI pipeline works, can work with it, add new services, and get things into production without infrastructure being the bottleneck.
\- Dan Bereczki, Sr. Software Manager, The Zebra
### Insurance in black and white
The Zebra was established to provide customers with a simplified way to compare insurance providers. Established in 2012, The Zebra is an online insurance comparison shop that researches car insurance options and delivers the best rates available. [The Zebra](https://www.thezebra.com/about/)
has recently expanded into homeowners and renters insurance.
### Too many plugins without any advantages
The Zebra was using GitHub as its repository and Jenkins for deployments. The teams were also using Terraform to deploy to AWS. The number of Jenkins plugins created an overwhelming amount of management work. On top of that, the variety of plugins caused security vulnerabilities because some tools were no longer supported or too fragile to update in the deployment environment.
“The biggest problem that we were having was that we were using Jenkins to do our deploys before GitLab. We put enough plugins into that. It was so fragile that nobody wanted to touch it,” said Dan Bereczki, Sr. Software Manager. “Anybody that did try to touch it broke it, and then deploys were down for half a day or a day to try to fix things, or keep things all upgraded.”
Teams wanted to improve the existing CI/CD process, but that meant adding plugins to Jenkins, further complicating the existing level of maintenance. The Zebra needed a new solution that would integrate testing and security, as well as allow for deploys to a [variety of different platforms](/partners/)
.
We've gone from deploying once a week, to twice a week. We're getting to a place where we're getting comfortable with our testing verification. We'll be at continuous deployment hopefully by the end of the year and be able to deploy at will.
\- Dan Bereczki, Sr. Software Manager, The Zebra
### A fast migration with zero plugins
The Zebra researched a variety of platforms to replace the existing plugins and ease management stress. They adopted GitLab because it provides an enhanced repository without having to manage plugins. Moreover, the CI/CD capabilities were the selling point.
On top of that, the teams were eager to adopt GitLab because it offers features that other solutions don’t offer, like built-in security. “People realized how much more control they had of their processes, and how easy it was to make the transition. We got the migration done in under three months,” Bereczki said. Ninety-five percent of Jenkins code was migrated over in that time, and they have since completely moved off of Jenkins and GitHub.
All six of the application development teams and even a few other teams outside of development are using GitLab. “Now instead of one or two people who understand the intricacies of Jenkins and can fix the things that are problematic, everybody knows how to work with the GitLab pipeline,” Bereczki said. The teams went from using 3 tools — GitHub, Codeship CI, and Jenkins Deploy — to using only [GitLab CI/CD](/solutions/continuous-integration/)
, fully integrated and fully automated.
### One platform, many solutions
With GitLab, The Zebra can now focus on moving towards continuous deployment because teams can deploy at will, without waiting for other schedules. All of the development teams have a greater role in the deployment process because they understand how the CI pipeline works and can work within it. On top of that, the infrastructure is no longer a bottleneck for deployment.
The workflow usually begins with a request from marketing. From there, it becomes a technical brief which gets broken into a set of JIRA tickets and then assigned to the appropriate team. It then gets worked on, code gets generated and goes into the GitLab repository. Then, the team will use the GitLab CI/CD pipeline to get it deployed in the development environment. Terraform is used to implement infrastructure as code to ensure configuration changes are maintained throughout the test and deployment process.
Teams use Amazon EKS with RDS. Traffic routing is initially handled by Cloudflare, then internal Elastic Load Balancing. When developers need to connect The Zebra services to outside, third-party services they use Amazon Virtual Private Cloud. “We don’t want systems where it’s this black box that nobody knows how it works. We’re slowly getting rid of that,” Bereczki said.
GitLab has enabled cross-functional relationships between the development teams because now they own their own code all the way into production. Developers can understand each step to deployment and can work through any issues and make changes without worrying about disrupting other parts of the workflow.
[GitLab SAST and DAST](/solutions/security-compliance/)
makes it easier for compliance for SOC2 Type 1 certification and now the teams are in the middle of SOC2 Type 2 certification. It has also provided additional testing and security measures reducing their risk. “The biggest impact is, we’ve got a whole bunch of vulnerabilities that we didn’t even know were there, that we’re dealing with right now. We’re remediating those,” Bereczki states. They have eliminated all identified Criticals and Highs on four projects so far. “The nice thing about it is that, since it’s part of the pipeline now, we won’t be playing catch up for when we schedule a penetration test, or when we run some quarterly or biannual tests,” added Bereczki.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Siemens | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Siemens
 + 
How Siemens created an open source DevOps culture with GitLab
=============================================================
Improved developer efficiency
Cost and time savings
Improved collaboration

Industry Technology
Employees 25,000+
Location 190 Countries
Solution
[GitLab Free](/pricing/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
40,000+ GitLab users
* * *
6.4M+ builds per month
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
Siemens transformed its collaboration and organizational workflow with GitLab SCM, CI/CD, and DevOps.
We really try to bring the open source culture in, and so far, we really succeeded. With CI/CD, we have one and a half million builds every month. The whole culture has completely changed.
\- Fabio Huser, Software Architect at Siemens Smart Infrastructure, Siemens
### Worldwide innovation pioneer
Siemens was founded in 1847 as a “backyard machine shop” in Berlin, Germany. Siemens AG (Berlin and Munich) is a global technology powerhouse that has stood for engineering excellence, innovation, quality, reliability, and internationality for more than 170 years. Active around the world, the company focuses on intelligent infrastructure for buildings and distributed energy systems and on automation and digitalization in the process and manufacturing industries.
[Siemens](https://www.siemens.com/global/en.html)
brings together the digital and physical worlds to benefit customers and society. Through Mobility, a leading supplier of intelligent mobility solutions for rail and road transport, Siemens is helping to shape the world market for passenger and freight services. Via its majority stake in the publicly listed company Siemens Healthineers, Siemens is also a world-leading supplier of medical technology and digital health services.
In addition, Siemens holds a minority stake in Siemens Energy, a global leader in the transmission and generation of electrical power that has been listed on the stock exchange since September 28, 2020. In fiscal 2019, which ended on September 30, 2019, the Siemens Group generated revenue of €58.5 billion and net income of €5.6 billion. As of September 30, 2019, the company had around 295,000 employees worldwide on the basis of continuing operations.
### Large-scale company with large-scale needs
With over 20,000 developers, Siemens is divided into multiple organizations acting within different domains, mainly focused on business-to-business initiatives. According to Fabio Huser, Software Architect, the challenge was, “How do we build a DevOps culture around this really fractured federalistic company structure?”
Siemens needed a DevOps platform that offered collaboration, transparency, and proper code management to achieve their goal: A community for employees around the world, and a single source of truth for code. In order for a tool to be successful, Siemens required developers to have a collaborative mindset, full stack engineering knowledge, experience as an open source contributor, and a scalable platform that can be used to build upon itself. The vision for an improved workflow included the ability to collaborate on code and share it within minutes, speed up time to market, empower people to own their own code, and set the technological foundation for future business models.
### Adopting open source first
A small team within Siemens adopted GitLab in 2013 for collaboration and version control to develop Linux based embedded devices. In a typical grassroots approach, the team opened the platform for the whole company and scaled it up to over 40,000 users. The DevOps platform provides a place for different teams to work on the same project with the ability to share code within minutes and to collaborate easily across the world.
“The open source world comes up with new tools every week. But at the end of the day, we really try to solve it like a human issue. We want to collaborate, and the tool is just a secondary thing after all,” Huser said. “Thanks to GitLab, we found a tool which facilitates this ideology. It's all about the people behind it and to maintain this idea and also have this community spirit within Siemens, you really need to establish such a community.”
In 2015, the code.siemens.com team shifted its focus to DevOps CI/CD, calling its specific workflow style “junkyard computing” in the early days to enable integration builds for open source components. “Thanks to the ease of use of the GitLab runner, you can set up new machines in a matter of minutes," according to Huser. "If you have old machines laying around and you have a good enough set up in terms of network, you can literally set up new runners, new capabilities in a minute. It's quite cost effective.”
### Code, collaboration, and community
Today, code.siemens.com has its [IT infrastructure on AWS](/blog/2020/03/24/from-monolith-to-microservices-how-to-leverage-aws-with-gitlab/)
. There is no longer a need for “junkyard computing” because code.siemens.com is a fully established service with a large in-house developer community provided by the Siemens IT organization.
The infrastructure evolved to a highly tuned and sophisticated setup, with a large amount of EC2 instances all managed as [Infrastructure as Code](/topics/gitops/infrastructure-as-code/)
. SaaS solutions such as S3, RDS, ElastiCache, EFS, and ELB are used as well, since those can be replaced by standard open source solutions to minimize vendor lock-in. GitLab is hosted on AWS, also the supporting services such as GitLab CI runners, monitoring, logging, crash reporting and more. Siemens has exceeded over 38 million CI builds since adopting GitLab. “If you're part of Siemens you have different repositories you can collaborate with. We really try to bring the open source culture in and so far, we really succeeded. With CI/CD we have one and a half million builds every month. The whole culture has completely changed,” Huser said.
With GitLab, Siemens saves both time and money because there is no need to maintain local patches or manually update fixes. The code.siemens.com team follows an ‘upstream first’ workflow. “We go without patches. We only deploy upstream versions, nothing else. If we want to have new features, we contribute them to GitLab. We do not patch our instance,” said Roger Meier, Principal Key Expert and Service Owner of code.siemens.com from Siemens IT. “As soon as they are merged upstream, we will deploy the next version. So we ship every month. We do about four production deployments per month.”
The code.siemens.com platform is managed by a team of just eight people distributed across four countries in a highly agile fashion. All team members are committed to the open source way of working. They are coaching, supporting, and guiding the internal developer community, on top of managing the whole infrastructure and application. They use GitLab day by day to manage all their activities. All team members contribute and/or maintain several open source projects, while providing a reliable service for the wider Siemens developer community to increase developer happiness.
Collaboration happens throughout the entire organization with over 40,000 GitLab users and the potential to expand. GitLab helps Siemens ensure scalability internally and with customer development opportunities. “Our customers and our developers just want to have a reliable service that is running all the time,” Meier added.
Siemens teams heavily contribute to GitLab with over 150 merged MRs in GitLab. In addition, Huser and Meier are [GitLab Heroes](/community/heroes/)
and were selected as [GitLab MVPs](https://about.gitlab.com/community/mvp/)
. The teams not only use the DevOps platform, but they pride themselves with being so knowledgeable that they don’t use a support team from GitLab. “Since the beginning, we were talking about all our ideas and to have our roadmap visible for all the people within the company. You have to walk the talk, that's key. Of course, focus on your customers: for developers, from developers,” Meier said.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# FullSave | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
FullSave
 + 
French telecom FullSave uses GitLab to reduce DevOps toolchain and dramatically multiply deployments
====================================================================================================
Consolidated toolchain
Increased code output
Automated project deployment

Industry Telecommunications
Employees 100
Location Labège, France
Solution
[GitLab Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
95% faster deployment time
* * *
12x increase in deployment frequency
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
A change in the licensing model of the company's previous issue tracking and project management tool, plus a desire to consolidate their toolchain, pushed FullSave to switch to GitLab.
GitLab is an all-in-one solution that offers clarity and helps to improve the whole team’s efficiency.
\- Laurent Lavallade, Chief Technology Officer, FullSave
### The customer
[FullSave](https://www.fullsave.com/)
is a telecommunications infrastructure operator based in Labège, France. Founded in 2004, the private company has about 100 employees and provides connectivity services, cloud infrastructure, and shared hosting in its data centers. It also deploys and operates its own fiber network and offers adapted internet access services.
FullSave has a history with GitLab. While the company has used several other DevOps tools for more than five years, it has also been using different versions of GitLab’s platform, such as the free version and the Enterprise edition. For instance, seven developers used the free version to deploy 302 projects, along with managing about 100 issues and 50 merge requests per month. Other teams used GitLab to exchange source code and configuration files with customers, to build and launch network and data center tools, and to automate project deployments and Docker builds.
### The challenge
FullSave faced several challenges that were causing development and deployment slowdowns.
The company’s policy is to host its own tools but its previous tool’s new licensing model did not allow for self-hosting. As FullSave was met with this licensing issue, the company’s IT managers also recognized that they needed to replace their DevOps toolchain with a single, end-to-end DevOps platform for better CI/CD integration, to reduce complexity and boost productivity. They also knew that a single application would give them the issue and commit traceability they needed to obtain an ISO27001 certification, an internationally recognised standard that deals with the overall management of information security.
Going all in with GitLab’s platform was an easy decision for FullSave.
“We’ve been using GitLab for several years as it had all the features we needed,” says Laurent Lavallade, chief technology officer at FullSave. “This helped us consolidate from the use of several tools to a single platform that had all the features integrated within it. Switching to GitLab’s Enterprise edition was the natural next step.”
GitLab checked all of their boxes. And FullSave’s IT professionals were familiar with everything the platform brings to the table – increased collaboration, efficiency, security, and automation.
In their last environment, integration between FullSave’s previous tool and GitLab did work but it did not work as well, or as efficiently, as simply using GitLab’s single, end-to-end platform alone.
### The solution
By replacing FullSave’s old issue tracking and project management tool and upgrading to GitLab Ultimate SaaS, FullSave has been able to take on its biggest DevOps challenges.
For instance, developers previously were merging issues directly into the development branch. But thanks to GitLab's merge request workflow, FullSave has been able to solve challenges around the validation of code changes and increase efficiency.
Collaboration across teams also has improved with GitLab. Issue dependencies, for example, help front-end and back-end teams see where a project stands, know when they need one another, and communicate more readily and easily. That kind of collaboration helps team members share responsibilities and reduces individual efforts. It also increases everyone’s overview of a project and the progress it’s making along its lifecycle.
### The results
By more fully adopting GitLab’s single platform, FullSave has been able to improve communication, collaboration, and efficiencies in both development and deployment. All of this eased their entire software development lifecycle.
One of the biggest improvements FullSave’s team has seen is in the speed of development and deployment. Before expanding their use of GitLab, they generally saw deployments only two or three times a month. Now, they are deploying software many times a day, and those deployments are a lot cleaner. Previously, many deployments were done manually, but now with GitLab’s deployment automation, there has been a noticeable reduction in errors and deployment time has been slashed from two to three hours to a few minutes.
Increased use of GitLab is:
* Decreasing integration issues and errors
* Improving software quality
* Increasing code output
* Simplifying software development processes and workflow
* Enabling FullSave to obtain their ISO27001 certification, which some of its customers require them to have
* Facilitating collaboration
* Helping staff plan and build roadmaps and custom boards
The company has experienced a lot of benefits to handling so many parts of the software lifecycle within a single platform, instead of relying on a complex toolchain. GitLab’s all-in-one solution empowers FullSave’s developers and gives them clarity over projects and how they are progressing, so team members can see where they stand and how they can contribute.
And by enabling collaboration and making developers’ work more efficient, team members now have additional time to create more, and better software products with increased security. For a small team like the one at FullSave, that means they are able to maintain more projects because they use GitLab.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# CACI | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
CACI
 + 
CACI uses GitLab to boost tech delivery for public sector customers
===================================================================
Reduced costs
Increased delivery velocity
Improved security

Industry Public Sector
Employees 24,000+
Location Reston, Virginia
Solution
GitLab Ultimate
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
90% savings in labor/admin
* * *
13x faster security scanning
* * *
7+ tools consolidated into 1 platform
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
[CACI International Inc.](http://www.caci.com/)
, a $7.7 billion company whose technology and expertise play a vital role in U.S. national security and government modernization, considers itself a major industry disruptor, and its agile software development is its superpower. CACI has made a name for itself by delivering critical software and software-enabled hardware to U.S. government agencies, the U.S. intelligence community, and the Department of Defense. So, when the company realized they needed to disrupt their way of developing and deploying software, they partnered with GitLab, a company they saw as disrupting its own industry.
We turned to GitLab to allow us to rethink, and disrupt, the way we develop and build software swiftly, without compromising security. It’s how we enable our agile software development business.
\- Glenn Kurowski, Senior Vice President and CTO, CACI
CACI migrated to GitLab’s AI-powered DevSecOps platform to increase efficiency, [security](https://about.gitlab.com/blog/2023/02/02/its-time-to-put-the-sec-in-devsecops/)
, and productivity, while also [consolidating what had been cumbersome and expensive toolchains](https://about.gitlab.com/blog/2022/08/24/too-many-toolchains-a-devops-platform-migration-is-the-answer/)
.
“Our customers rely on us because they know agile software development is our superpower,” says [Glenn Kurowski](https://www.caci.com/bio/glenn-kurowski)
, senior vice president and CTO of CACI. “But looking at ourselves critically revealed some programs were using DevSecOps toolchains that were great years ago but not that great today. With multiple acquisitions under our belt, we had different DevSecOps toolchains spread across our software development teams. It was working but we knew it could be more efficient. We had to disrupt ourselves to improve our superpower.
According to Kurowski, CACI selected GitLab as its partner because of his confidence in it as a full DevSecOps platform, GitLab’s rapid pace of continuous innovation, and its willingness to partner on the emerging USG security requirements. Adopting GitLab also allowed CACI to have a more homogenous approach and eliminated seams created by using disparate products.
### The backbone of CACI’s common environment
A big part of CACI’s plan was to commit to using GitLab as the central cog in building a company-wide Common Software Development Environment (CSDE).
Building CACI’s software in the CSDE, which is set up as a service on the AWS GovCloud, ensures everything they develop is fully compliant with emerging federal regulations. The environment includes a standard set of tools, services, and rule frameworks for regulatory mandates. With CSDE as-a-service, it’s available to all projects. And the GitLab DevSecOps platform is at the center of it.
“Previously, our teams frequently had to build a new DevSecOps toolchain for every new contract that came in,” says Kyle Craft, CSDE service lead at CACI. “With GitLab at the heart of our CSDE, you just create a new account and start working on the software, instead of spending time building and administering a toolchain. It’s much more efficient.”
Teams across CACI use the CSDE for the company’s nearly 190 different software development projects — unless a customer requires the use of their own environment. The company is seeing a 90% savings in labor and administrative work around toolchain administration since moving to a GitLab-based CSDE. Patch creation automation is down from hours to minutes, while security scanning has sped up by 13x versus previous implementations.
“Our developers love the ease of use, the availability, reliability, and scalability of our GitLab-based CSDE service,” says Craft. “GitLab is the backbone of the way we build software, and our workforce loves how fast they can start up projects and produce software for new programs and projects.”
CACI has seen “explosive growth” in CSDE users since standardizing on GitLab. Rolling out CSDE started with just 110 initial users in the summer of 2022. But a little over a year later, that usage had grown to more than 1,900 developers. It helps that GitLab fits the scale at which CACI’s agile software development executes. For example, one program alone in CACI has more than 150 applications and issues 800 releases of new capability per year.
“Our customers expect innovation and high-quality software. They desperately need high velocity – rapid releases of new capabilities to address evolving mission needs,” says Kurowski. “Many in our industry do software development but we take it to the next level, and at scale. To expand our leading position, we turned to GitLab to enable us to rethink, and disrupt the way we [build software swiftly without compromising security](https://about.gitlab.com/blog/2023/07/24/how-devsecops-drives-business-success/)
.”
### Supporting a major software build
The GitLab-based CSDE has been critical in CACI’s work to create a new version of a communication system for one of its customers.
Two earlier versions of the project were built using a variety of different DevSecOps tools. To support the development of the new version of the mission application, the team switched to CACI’s GitLab-based CSDE for an integrated end-to-end DevSecOps platform.
“GitLab had all the features and [automation](https://about.gitlab.com/blog/2022/12/12/how-automation-is-making-devops-pros-jobs-easier/)
we needed in one application. It simplified our work,” says Wesley Monroe, technical project manager at CACI. “With all of the road mapping, issue tracking, and security scanning in one place, it’s hard to even compare it with what we were using before.”
### Meeting government regulations
One of the greatest benefits of using GitLab’s DevSecOps platform is that it enables CACI to be prepared to handle emerging security compliance requirements, avoiding costly rework down the road.
Meeting government laws, regulations, and standards is critical for a government contractor. That means not only being compliant but being able to prove it.
CSDE was another example of CACI investing ahead of its customers’ needs. “We have positioned ourselves to be able to meet future contract security requirements,” says Craft. “We can attest to meeting security standards and have the data to back that up, which is tracked and stored in the GitLab platform.”
Using a single platform also enables CACI’s teams to shift security left, incorporating it into every phase of the software development lifecycle. That’s key to being able to meet security-focused US government regulations, such as the Secure Software Development Framework (SSDF).
### Cutting costs and simplifying complexities
Before CACI launched its migration to GitLab DevSecOps, teams had been weighed down with a large number of [disparate and expensive tools](https://about.gitlab.com/blog/2022/12/05/shake-off-sprawling-diy-toolchains-with-a-devsecops-platform/)
across the enterprise. Now they are reducing that complexity by migrating off some of those tools.
By trimming the company’s toolchains, Kurowski says they have reduced licensing costs, spent less time administering their tools, and have been able to dedicate more time to developing software. He also notes that teams are more productive, they’re launching projects much faster, and they’re more easily meeting demand surges. He says training also has been simplified, upgrades are done more smoothly and quickly, and project management has become more in line with code development. Patches are also now done with little to no downtime.
Software developers, working on a common platform, now easily move between projects to meet surges in customer demand. “This ensures customers have access to top software development talent at speed,” says Kurowski.
The platform also has enabled them to create documentation that is “night and day better” than what they were able to produce before, notes Craft. That’s largely because the platform fosters strong collaboration inside and among DevSecOps teams, giving them better visibility into projects and the ability to share responsibility for making notes about problems, solutions, and best practices.
### Creating a DevSecOps community
CACI’s DevSecOps users have been creating what Craft calls a “community of practice” because of the extra visibility and collaboration they’re finding through the platform. “Because we’re using the same platform, we’re aware of each other like we never were before,” he explains.
Part of CACI’s expanding use of GitLab means looking forward to purposefully and responsibly leveraging AI features, like [GitLab Duo](https://about.gitlab.com/gitlab-duo/)
, built into the platform. Kurowski says they anticipate using AI to help learn and understand existing code, and to develop new code.
“We love where GitLab is headed with augmenting DevSecOps with AI,” he adds. “Our coders spend more time understanding code than writing it. That’s just the norm for the industry. The idea of augmenting the process with code explanation, code suggestions, and code assistance, in general, is spot on with a core need.”
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Why GitLab's collaboration technology is critical for GitOps: A demo
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Topics](/topics/)
[Gitops](/topics/gitops/)
Why GitLab's collaboration technology is critical for GitOps: A demo
Why GitLab's collaboration technology is critical for GitOps: A demo
====================================================================
* * *
Collaboration software like GitLab, makes GitOps workflows easier. This article includes a demo on how GitLab powers GitOps through collaboration.
[GitOps](/topics/gitops/)
refers to using a Git repository as the single source of truth for all the code that goes into building infrastructure and deploying applications. By using a version control system, such as Git, as the single source of truth, engineers are able to update the underlying source code for their applications in a continuous delivery format.
The [version control](/topics/version-control/)
system ensures documentation and visibility, while an audit trail enables compliance. GitOps makes it easy to revert changes and provides one place to access the most current information to help teams understand the current state from the perspective of both software development and operations teams.
GitOps and GitLab
-----------------
[](#git-ops-and-git-lab)
GitLab is a single application for the entire DevOps lifecycle and serves as a [collaboration](/blog/2020/11/23/collaboration-communication-best-practices/)
platform that empowers stakeholders to weigh in on the code production process. Collaboration is an important aspect of the GitOps process, because teams across the entire development lifecycle - from infrastructure and development teams to security and business stakeholders - require a seamless method to collaborate to ship code quickly and efficiently.
[GitOps isn't just about the code](/solutions/gitops/)
, it's about the collaboration, and GitLab enables every team to work in a single platform.
Using GitLab collaboration features for GitOps
----------------------------------------------
[](#using-git-lab-collaboration-features-for-git-ops)
_The remaining article includes a demo on how GitLab powers GitOps through collaboration. The demo covers example epics and issues, which are linked in subsequent sections._
### Planning a project with epics[](#planning-a-project-with-epics)
Since GitOps is deployment centered on version control, the first step is to define the scope of the project and identify the stakeholders. Next, team members can share any other information that might be necessary to make the project happen, such as coding, changes to infrastructure as code, what changes must be reviewed, and eventually deployed to production.
After opening an [epic](/blog/2020/01/21/epics-three-features-accelerate-your-workflow/)
in the associated repository, teams can add goals and tasks in the description. An epic enables teams to track issues across different [projects](/blog/2020/04/02/security-trends-in-gitlab-hosted-projects/)
and milestones. An [issue](/blog/2018/08/02/4-ways-to-use-gitlab-issue-boards/)
is the main medium for collaborating ideas and planning work in GitLab.
**Example epic and issues**
In this example epic, called [Scale the Cloud](https://gitlab.com/groups/gitops-demo/infra/-/epics/2)
, teams can view the process behind scaling up a Kubernetes cluster in GitLab. Because GitLab is [multicloud](/blog/2020/06/30/many-meanings-multicloud/)
, there are three separate issues for the demo that articulate what is required to deploy the [Kubernetes](/blog/2019/10/24/kubernetes-101/)
cluster to each unique environment: [Azure (AKS)](https://gitlab.com/gitops-demo/infra/azure/issues/1)
, [Google (GKE)](https://gitlab.com/gitops-demo/infra/gcp/issues/4)
, and [Amazon (EKS)](https://gitlab.com/gitops-demo/infra/aws/issues/3)
.
### Fostering collaboration and transparency with GitLab[](#fostering-collaboration-and-transparency-with-gitlab)
At the epic level, teams can see that the issue for scaling inside the EKS cluster has already been completed. Clicking the issue reveals that a merge request was created from the tasks outlined in the issue, and that the MR is already [merged](/blog/2020/01/30/all-aboard-merge-trains/)
.
To see what exactly has changed between the original code and current code, click inside the MR. From here, teams can see that all the tests that passed before/after merging, consult the comment history to identify changes, and make a note who approved and merged the code.
The issue for scaling to [GKE](/blog/2020/03/27/gitlab-ci-on-google-kubernetes-engine/)
is not yet completed. The merge request is still a [Work in Progress (WIP)](https://docs.gitlab.com/ee/user/project/merge_requests/drafts.html)
, meaning nothing has been changed yet. There is a comment on the MR from Terraform, which shows that the node count needs to change from two nodes to five nodes to prepare the GKE environment for deployment. Whoever is the approver for the MR clicks `Resolve the WIP Status` to kick off the pipeline and can opt to delete the source branch to merge the updated node count.
In order for GitLab to be an effective collaboration tool, it also needs to be transparent which is why everyone in the organization is able to see an issue and associated MR by default. The issue and MR can be assigned to a collaborator, or the collaborator can be tagged in the comments section to have it added to their [To Do list](https://docs.gitlab.com/ee/user/todos.html)
.
Navigating back to the Epic view, which is what stakeholders will often use to view project progress, teams can see that the deployment for scaling GKE to five nodes is underway.
Using GitLab for a GitOps [workflow](https://thenewstack.io/what-is-gitops-and-why-it-might-be-the-next-big-thing-for-devops/)
, every team member is able to work from the same system and understand the status of projects. Whether in infrastructure or in application development, all changes follow the same process of, defining the body of work, assigning it to individuals, collaborating with teammates, and deploying that code and using the Git repository as that single source of truth.
Ready to learn more about GitOps?
---------------------------------
[](#ready-to-learn-more-about-git-ops)
* [What is a GitOps workflow?](/topics/gitops/gitops-workflow/)
* [The benefits of GitOps workflows](/topics/gitops/gitops-best-practices/)
* [Discover how GitLab streamlines GitOps workflows](/solutions/gitops/)
* [Learn about the future of GitOps from tech leaders](/why/gitops-infrastructure-automation/)
* [Download the beginner's guide to GitOps](https://page.gitlab.com/resources-ebook-beginner-guide-gitops.html)
On this page
[GitOps and GitLab](#git-ops-and-git-lab)
[Using GitLab collaboration features for GitOps](#using-git-lab-collaboration-features-for-git-ops)
[Demo: How GitLab empowers GitOps](#demo-how-git-lab-empowers-git-ops)
[Ready to learn more about GitOps?](#ready-to-learn-more-about-git-ops)
More on this topic
[What is GitOps?](/topics/gitops/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Airbus | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Airbus
 + 
Airbus takes flight with GitLab, releasing features 144x faster
===============================================================
One unified workflow
Improved code quality
Faster releases

Industry Aerospace
Employees 130,000
Location Worldwide
Solution
[GitLab Self-Managed Premium](/pricing/premium/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
10,000 merge requests per year on average
* * *
425% project growth in 5 years
* * *
144x faster feature releases
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
With GitLab's single-application continuous integration (CI), Airbus Intelligence has improved their workflow and code quality.
It’s simple. All teams operate around this one tool. Instantly, that made communication easier. We wouldn’t be where we are today if we didn’t have GitLab in our stack
\- Logan Weber, Software Automation Engineer, Airbus Defense and Space, Intelligence
### A global pioneer in aerospace
[Airbus Intelligence](https://www.intelligence-airbusds.com/)
is a leading provider of commercial satellite imagery and premium geospatial data services as well as innovative defence solutions. The company's products and services support decision makers worldwide to increase security, optimise mission planning, boost performance, improve management of natural resources, and protect the environment.
### Adopt a better developer workflow
As a multinational corporation, Airbus Intelligence needs tools that can help their team collaborate and work more efficiently across the globe. The Intelligence business wanted to avoid the common challenges of many global companies: distributed teams and disconnected toolchains that cause workflow inefficiency and slow production. An improved workflow that could break through these challenges, make teams more efficient, and foster communication was a high priority. Logan Weber is a software automation engineer at the Web Factory. Finding a better developer workflow was one of his core missions, and the Web Factory’s agility makes the team an ideal testing ground for new tools and technologies. For Weber, it was important that any tools they adopt share a similar dedication to innovation. “We’re in the midst of a digital transformation,” Weber said. “We want to join forces with partners who know what they’re doing and can keep up with us.”
One of the Web Factory team’s big challenges was that their processes just weren’t efficient enough, which led to delayed releases and lost time in development. Developers could spend at least a full day on the production setup, and too much time was being spent on simple tasks that should have been automated. Developers were frustrated with these manual and lengthy processes that stopped them from focusing on code. With a new tool the Web Factory team also hoped to avoid communication breakdowns between teams. After spending time on the production setup, developers would sometimes realise that the final product didn’t correspond to the initial request, which would then lead to additional efforts. “We’d have to create a bug to modify this error. But it wasn’t a bug, it was just a lack of communication,” Weber explained.
The Web Factory team tested several tools in the search for the right developer workflow. Because the Web Factory team already used Jira, they decided to test other Atlassian products, such as Bitbucket for version control and Bamboo for CI. Unfortunately, Bitbucket and Bamboo didn’t offer a user-friendly experience, and both tools lacked some of the functionalities for their needs. The Web Factory team used Jenkins on old projects, but found it too complicated to maintain. They also wanted to be able to store their deployment script processes as code.
### A unified GitLab workflow
“There was a bit of anything and everything, but we just couldn’t find what we were looking for,” Weber said. After trying other tools, the Web Factory team chose GitLab because it offers several advantages over the other tools tested. Not only does GitLab offer version control and project management capabilities, it also provides best-in-class CI — all in a single application. The Web Factory uses a Scrum methodology with two-week sprints. Developers create a user story in Jira, and once they’re ready to work on it, they create an issue in GitLab. Once teams have finished gathering information and collaborating in issues, they create a merge request (MR) which will trigger a development branch. When developers are ready, they can ask other developers to review their code. The code will go through CI testing and, once all tests are passed, the reviewer can merge this development branch into the main branch. Because all of this goes through the MR, everyone can see the entire process from start to finish. And GitLab offered the team a way to store their deployment scripts as code using the `.gitlab-ci.yml` file — one of the team’s must-have features.
For developers, having security and vulnerability scans built into the integration testing was also very helpful. “What used to happen is we would touch one part of the code and it would break another part. Now, each time a developer pushes code, we can immediately identify problems,” Weber said. With issues and MRs, people across teams have a place to collaborate. With CI included, teams can view every project from start to finish, and this visibility has also removed the guesswork from deployments. Instead of relying on one person to manage a deployment because they were more involved or more knowledgeable about the specific project, anyone can deploy because they have the same visibility as everyone else.
### Better code quality, improved collaboration, happy developers
The first success the Web Factory noticed after adopting GitLab was the improvement in code quality. GitLab CI’s built-in security testing meant that developers could now identify bugs and vulnerabilities before they reached production. With GitLab CI, the Web Factory team was also able to deploy more frequently and with confidence. Instead of spending a full day setting up for production and doing manual tests, those simple tasks are now automated. This allowed release time to go from 24 hours to just 10 minutes. Today, Weber estimates that 98% of releases happen on time and the remaining 2% happen only a few hours later — a vast improvement from before.
Collaboration improved because everyone can communicate in one place. Now, any technical stakeholder knows what’s being worked on, where everything is in the process, and developers know where to find the information they need to do their jobs. Developers, designers, security, and operations teams all have a place in the tool. While the improvements in code quality, cycle times, and communication were expected, there were also some unexpected benefits to adopting GitLab that were pleasant surprises for Weber and the Web Factory team: happier developers.
For one, GitLab CI took the stress out of deployments. “When someone went on vacation, it could be hell,” Weber laughed. And with better automation, developers can now focus on upgrades, technically demanding tasks, and updates. What else can developers do with this newfound free time? “We can create features!” Weber said. “We create and improve features for applications, and there just wasn’t any time for that before. We have 17 applications, and now developers can stay focused on the important things.”
Happier developers also had a positive impact on recruitment. “\[The Web Factory\] had a hard time recruiting developers previously, but now that GitLab is a part of the tech stack, we’re receiving more applications from more experienced developers,” Weber explained. When developers can focus on their jobs, attracting other talented developers becomes easier. For Weber, adopting GitLab changed the entire development process for the better. The Web Factory team has been using GitLab for three years now, and Weber is a GitLab Hero who regularly shares his experience and expertise with others. If his team hadn’t adopted GitLab, he doesn’t think they would be as efficient. “We’d still have long processes, long periods of development, and less and less motivated developers who no longer like the projects they are working on and end up leaving,” Weber summarizes.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# GitLab on Google Cloud | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
GitLab on Google Cloud
======================
Unite teams and workflows with GitLab, a comprehensive AI-powered DevSecOps platform to build, test, and deploy on Google Cloud.

[Watch our Fireside Chat](https://page.gitlab.com/fireside-chat-gitlab-google-cloud-ai-devsecops.html)
* [Overview](#overview)
* [Testimonials](#testimonials)
* [Get Started](#get-started)
### One interface for every use case
As the AI-powered DevSecOps platform, GitLab integrates with Google Cloud to enable organizations to focus on building and deploying software, and not on setting up and maintaining infrastructure.
### Develop better cloud native applications faster with GitLab and Google Cloud
GitLab tightly integrates with Google's Software Supply Chain Security (S3C) to reduce context switching, increase cycle times, and drive efficiency at every stage of the software development process. From idea to production on Google Cloud, GitLab’s comprehensive AI-powered DevSecOps platform delivers built-in planning, source code management, CI/CD, and monitoring and reporting solutions for modern applications.
#### Collaborate practically
Iterate faster, transform together. Modern CI/CD with Anthos reduces rework so happier developers and cloud practitioners can deliver product roadmaps instead of repairing old roads.
#### Automate securely
Lock up your process. Automated DevSecOps workflows increase uptime by reducing security and compliance risks on Google Cloud infrastructure.
#### Celebrate repeatedly
Deliver when it matters, where it matters. Increase market share and revenue when your product is on budget, on time, and always up on GCP.
“We had developers that thought, Why would we do something else? Jenkins is fine. But I think those people need to see GitLab first and see what the difference is because GitLab is so much more than Jenkins. The power of GitLab is you can do so much more and you can make everything so much easier to manage.”
– **Michiel Crefcoeur**, Frontend build and release engineer, ANWB
### Get started with GitLab and Google Cloud joint solutions
As a [2023 Google Cloud Technology Partner of the Year](https://about.gitlab.com/press/releases/2023-08-29-gitlab-wins-a-google-cloud-technology-partner-of-the-year-award/)
for the DevOps, Application Development category, GitLab enables joint customers to develop secure, quality applications faster, driving efficiency at every stage of the software development lifecycle (SDLC).
GitLab integrates with Google Cloud, and leverages Google Cloud's generative AI models to provide customers with AI-powered features throughout the SDLC with a privacy-first approach that doesn't compromise security best practices.
##### Google Kubernetes Engine (GKE)
GKE is Google’s managed Kubernetes service, designed to automate deployment, scaling, and management of containerized Linux and Windows applications. With GitLab’s GKE integration, teams can quickly provision new GKE clusters or import existing clusters in just a few clicks. Leverage GitLab’s Auto DevOps functionality for the lowest barrier of entry to deploy container workloads to GKE with CI/CD.
[Learn More](https://about.gitlab.com/blog/2020/03/27/gitlab-ci-on-google-kubernetes-engine/)
##### Anthos
Anthos is a modern application platform that provides a consistent development and operations experience for on-premise and cloud environments. GitLab supports GKE On Premise (GKE-OP), CloudRun for Anthos, and Anthos Configuration Management for workflow optimization on top of Anthos' unified infrastructure management platform. Plus, GitLab supports on-prem GKE for hybrid cloud customers. Together, GitLab with Anthos provides enterprises with consistency and scalability across heterogeneous environments.
[Learn More](https://cloud.google.com/kubernetes-engine/docs/tutorials/modern-cicd-gke-developer-workflow)
##### Cloud Run
Cloud Run is a fully managed serverless platform that automatically scales stateless containers and abstracts away all infrastructure management. Deploy to Cloud Run with GitLab Serverless – a full CI/CD workflow to build and test serverless applications. With GitLab for Cloud Run, teams can streamline and simplify serverless management on any infrastructure (Knative, Cloud Run, Cloud Run for Anthos, etc.) through a single UI.
[Learn More](https://docs.gitlab.com/ee/update/deprecations.html)
##### Google Compute Engine
Google Compute Engine (GCE) delivers configurable, high-performance virtual machines running in Google’s data centers. GitLab CI/CD provides application delivery to virtual machines as deployment targets. Migrate traditional, non-containerized workloads to the cloud with GitLab. Get started by installing GitLab on a single GCE instance or in High Availability architecture.
[Google Compute Engine](https://docs.gitlab.com/ee/install/google_cloud_platform/)
##### Google App Engine
Google Compute Engine (GCE) delivers configurable, high-performance virtual machines running in Google’s data centers. GitLab CI/CD provides application delivery to virtual machines as deployment targets. Migrate traditional, non-containerized workloads to the cloud with GitLab. Get started by installing GitLab on a single GCE instance or in High Availability architecture.
[Learn More](https://medium.com/faun/deploy-directly-from-gitlab-to-google-app-engine-d78bc3f9c983)
##### Google Cloud Functions
Google Cloud Functions (GCF) is Google Cloud’s event-driven serverless compute platform. Store your code in GitLab SCM and directly deploy as cloud functions through GitLab CI/CD. Empower your teams to adopt GCP for a more event-driven, cloud native architecture with GitLab and GCF by, for example, automating development for Firebase and Cloud Functions.
[Learn More](https://cloud.google.com/functions)
##### Firebase
Firebase is a platform for creating mobile and web applications developed by Google. Together, GitLab SCM and CI help developers automate with first-class CI/CD pipelines to build, test, and deploy updates frequently to the entire Firebase stack.
[Learn More](https://about.gitlab.com/blog/2020/03/16/gitlab-ci-cd-with-firebase/)
Discover the benefits of GitLab on Google Cloud
-----------------------------------------------
[Blog\
\
 \
\
### Better Together with GitLab and Google Cloud\
\
Learn more](https://about.gitlab.com/blog/2023/08/29/gitlab-google-partnership-s3c/)
[Blog\
\
 \
\
### Kubernetes and the future of cloud native - We chat with Kelsey Hightower\
\
Learn more](/blog/2019/05/13/kubernetes-chat-with-kelsey-hightower/)
[Blog\
\
 \
\
### How to leverage GitLab CI/CD for Google Firebase\
\
Learn more](/blog/2020/03/16/gitlab-ci-cd-with-firebase/)
[Blog\
\
 \
\
### CloudRun for Anthos\
\
Learn more](/blog/2019/11/19/gitlab-serverless-with-cloudrun-for-anthos/)
Video

### Discover the benefits of GitLab on Google Cloud
Learn more
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Hemmersbach | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Hemmersbach
 + 
Hemmersbach reorganized their build chain and increased build speed 59x
=======================================================================
Faster cycle time
Improved collaboration
Impoved code quality

Industry Technology
Employees 3,400
Location Germany, Poland, Hungary, Bulgaria, Austria
Solution
[GitLab Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
60x more builds per day
* * *
530 automated tests daily
* * *
30 automated daily deploys
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
With over 4,000 permanent colleagues in more than 40 subsidiaries worldwide, Hemmersbach enables Device as a Service for the IT industry in 190+ countries. DaaS combines hardware, software, lifecycle services, and financing into a single contract with a fee per device.
We renewed the complete process. We didn't just take what was in Jenkins and move to GitLab, we redid everything. We took all of the findings we had from Jenkins, which wasn’t good, and we took what was good and we set it up completely new. We reinvented the wheel, just to make it better.
\- Alexander Schmid, Head of Software Development, Hemmersbach
### Providing IT support on a global scale
Hemmersbach provides vital support for the leading companies in the IT industry. The company offers global services for manufacturers and outsourcing companies to meet the wide variety of needs of their end customers. They provide technology services for thousands of organizations and specialize in supporting hardware of all sizes, from printers to the largest servers.
### Collaboration and speed at a global scale
Hemmersbach has three teams working on the company’s proprietary software. A few years ago, they faced challenges around these teams working disparately. They struggled with collaboration and geography — with speed suffering as a result. They were using a scrum framework with a toolchain that included Jira, Jenkins, Tulip, and a variety of open source tools. With this complex toolchain, teams lacked traceability and had to overcome inefficiencies.
“Most of our code was not connected to our process,” explained Alexander Schmid, Head of Software Development. “We had tools and repositories and all the merge request stuff. But, these things were not related to what guys wrote on comments and the stuff it was not connected.”
Struggling with multiple tools, difficult build cycles, and an out of sync planning process in Jira, Hemmersbach needed a new process. They tried a wide variety of tools to solve the dilemma but still couldn’t achieve the speed they desired. During this time, teams were using GitLab Core and the business was impressed by how connected issues are with code repositories and how GitLab helped them improve team efficiency.
GitLab is the one tool that connects our whole team. You always see GitLab open and everything is based on GitLab. GitLab is the backbone of our software development.
\- Alexander Schmid, Head of Software Development, Hemmersbach
### Rebuilding the wheel to achieve speed and collaboration
The Hemmersbach development group evaluated their process and overcame the challenges they were facing by rethinking how they worked together. They had a team utilizing GitLab and were impressed with how everything is connected to the commit and offers an overview for all of the pipeline steps — in one tool.
GitLab Core provided built-in CI/CD, and project issue boards and teams were able to increase build speed and collaboration. Building on this momentum, they decided to rebuild the entire structure and move from scrum development to feature-driven development. While they saw progress, they still needed a tool that offered the ability to categorize items and then break them down so the team could continue to iterate faster.
Gitlab Ultimate connected the portfolio planning process with the actual work to deliver new capabilities. The multi-level epics and roadmap review capabilities powered their teams to move at unprecedented speed. The code reviews and comments in GitLab helped improve overall code quality.
### Rebuilding the wheel to achieve speed and collaboration
Using GitLab helped Hemmersbach decreased the time from planning to production by 6.5 days. By working in a single environment, they are also achieving 60 builds per day when previously they were only performing a single daily build.
Hemmersbach has over 100 developers using GitLab on a daily basis to run their software. The deployments now begin with epics which allow everyone to collaborate as they work through the resulting issues and merge requests. Having all of the collaboration capabilities under one umbrella has enabled the company to bring teams together and achieve unprecedented deployment speed.
“Everybody can see what’s going on across other projects as well,” Schmid said. “And then if there are comments or concerns with the code, you just write it, you just do it. GitLab has helped us bring teams together.”
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# Hilti | GitLab
[ New: GitLab Duo with Amazon Q](/partners/technology-partners/aws/#interest)
[ AI-driven DevSecOps.](/partners/technology-partners/aws/#interest)
[Customer stories](/customers/)
Hilti
 + 
How CI/CD and robust security scanning accelerated Hilti’s SDLC
===============================================================
Streamlined code management
Improved delivery time
CI/CD capabilities

Industry Manufacturing
Employees 30,000
Location Schaan, Liechtenstein (HQ)
Solution
[GitLab Self Managed Ultimate](/pricing/ultimate/)
Want to see what [GitLab Ultimate](/pricing/ultimate/)
can do for your team?
[Start your free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
* * *
400% increase in code checks
* * *
50% shorter feedback loops
* * *
12x faster deployment time
* * *
Ready to get started? [Get free trial](https://gitlab.com/-/trials/new?_gl=1%2Au3qiai%2A_ga%2AMTMyODM2NjQzOC4xNjU3OTA0NDQ2%2A_ga_ENFH3X7M5Y%2AMTY3ODkzMDM3MS40MDQuMC4xNjc4OTMwMzcyLjAuMC4w&glm_content=default-saas-trial&glm_source=about.gitlab.com%2F)
[Learn about pricing](/pricing/)
Hilti expanded its software capabilities and adopted GitLab to bring code in-house with SCM, CI/CD, and security scanning.
GitLab is bundled together like a suite and then ships with a very sophisticated installer. And then it somehow works. This is very nice if you're a company which just wants to get it up and running.
\- Daniel Widerin, Head of Software Delivery, Hilti
### Global construction services provider
Hilti is a world leader in the design and manufacturing of cutting-edge technologies, software, and services for the professional construction industry. One sector of [Hilti](https://www.hilti.group/content/hilti/CP/XX/en.html)
specifically focuses on business unit tool solutions. This team creates software for customers in the area of software development tools which meets governance, risk, and compliance regulations. Hilti ensures that the correct procedures are in place to adhere with regulatory compliances across different regions.
### Enrich software capabilities, security, and SCM
About two years ago, Hilti was looking for a software platform to rebuild their projects. They had previously outsourced one of their software development projects to an external vendor as the software capability could not be 100% managed in-house. The source code was owned by a joint venture which used GitHub. Hilti owned the majority of the joint venture, but it was not hosting source code in-house. There wasn’t any internal CI/CD and also the teams didn’t perform security testing according to the highest standards. This situation was challenging because the software teams wanted full visibility and management of their code.
Hilti’s goal was to move software development in-house to enable the engineering and architecture teams to conduct proper reviews, truly collaborate, and to share best practices with other teams. As Hilti wanted a solution that adheres to the highest standards, the ideal tool would need to be easy to onboard, be intuitive, and offer seamless integration. “We wanted to bring a tool on to our own premises so that we have it under our control, and also have it in real time. That was really a big step forward,” said Raphael Hauser, Head of Governance at Hilti. Security scanning was high on the priority list. Hilti has between 10 to 15 distributed teams working in parallel on large-scale solutions at any given time globally. Security needs to be under control and aggregated so that by the time a software release is ready, vulnerabilities are visible ahead of time. Hilti needed a tool with powerful and reliable security capabilities.
Development and test teams previously found themselves in “reactive mode” when catching bugs. A tool that offers a way to find vulnerabilities within the pipeline would be more efficient, increase workflow speed, and empower developers. “I want to be sure, once we release a package to production, that we're not bringing in any packages of code that are eventually creating a risk for Hilti; exposing source code is an access security problem, not a code scanning problem,” Hauser added.
### Bringing security and code in-house
After a review and working with various tools, GitLab was adopted for its ease of integration, SCM capabilities, and comprehensive security scanning. GitLab delivered the capabilities to maintain high software performance standards and to quickly provide multiple types of in-depth scanning. Hilti is using GitLab’s static and dynamic application security testing (SAST and DAST, respectively), along with container scanning, dependency scanning, secret detection, and license compliance. “GitLab is far ahead of its competitors and provides one product which offers an easy-to-set-up, easy-to-start product with all these capabilities integrated,” said Daniel Widerin, Head of Software Delivery.
Hilti has compliance regulations that they must follow, including license reviewing, application testing, and source code access. Hilti opted for GitLab Ultimate in order to use the compliance and security scanning. “From a risk point of view, the key factor was that we can now control much tighter and much closer who really has access to the source code, who is managing the source code, and the current state in regard to security and IP compliance,” Hauser said.
With GitLab, Hilti now has full access to their source code and is able to manage it properly. Owning their own code reduces the risk of any source code leakage and increases the level of code change capabilities. “It has given me much more insight into what is actually happening within the code and doing that in real time. It has also sped up my way of giving approvals in regard to security, code security, and the IP compliance in order to still comply with the faster pace of delivery,” Hauser said.
### Secure code, end-to-end visibility, and faster deployments
Hilti’s engineering and architecture teams now use GitLab for SCM, CI/CD, and security dashboards that are compatible with their technology stack. With GitLab, they were able to build software in-house and at a faster rate than if they had used a complicated set of tools. The ease of integration allows the teams to work with Jira, Docker, and Amazon Web Services (AWS). All services integrated with GitLab, including build artifacts and runners, are running on AWS and deployed to a Kubernetes cluster.
“GitLab has done a really great job with the source code to bring feedback directly after you have opened the merge request or after you have done a comment or a push,” said Widerin. “I mean, you basically don’t have to develop all these things on your own. GitLab is bundled together like a suite and then ships with a very sophisticated installer. And then it somehow works. This is very nice if you're a company which just wants to get it up and running.” With GitLab, feedback loops have shortened by 50%, from 6 days to 3 days, supporting greater efficiency and collaboration.
Team members appreciate that the pipeline is directly integrated into the source code and they’re able to get immediate feedback from the merge request including security scan results. “People really like that they have a center point where they can log in and see all the different microservices and components while they are working, even with mobile apps and web UI,” Widerin added. Code checks have increased significantly from six times every three months to twice a week, thereby maintaining high quality.
Deployment speeds have increased because now development and test teams own the code and can see when there are vulnerabilities ahead of time. Deployment times have decreased from an average of three hours to just 15 minutes with GitLab. They now have clear guidance on what they accept for any release with regard to severity of vulnerabilities within the code. “We are faster to remedy critical findings and the teams get a bit more stability because they do not have to do a firefight before the release ... it helps us to give them the overview of where they stand so they don't have to rework after the sprint is complete,” Hauser said.
All information and persons involved in case study are accurate at the time of publication.
[#### Find out which plan is best for your team.\
\
See our pricing plans](/pricing/)
[#### How much is your current toolchain costing you?\
\
ROI calculator](/calculator/)
* * *
[\
\
#### FullSave\
\
FullSave simplifies toolchain\
\
Read story](/customers/fullsave/)
[\
\
#### Siemens\
\
How Siemens created an open source DevOps culture with GitLab\
\
Read story](/customers/siemens/)
[\
\
#### Hilti\
\
How CI/CD and robust security scanning accelerated Hilti's SDLC\
\
Read story](/customers/hilti/)
Ready to get started?
---------------------
See what your team can do with the most comprehensive
AI-powered DevSecOps platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/free-trial/devsecops/&glm_content=default-saas-trial)
[Talk to sales](/sales/)
---
# How to use GitLab and Ansible to create infrastructure as code
[Blog](/blog/)
[Engineering](/blog/categories/engineering/)
How to use GitLab and Ansible to create infrastructure as code
Published on: July 1, 2019
5 min read
How to use GitLab and Ansible to create infrastructure as code
==============================================================
Explore the power of GitLab CI as we demo Ansible playbooks in infrastructure as code.

[Sara Kassabian](/blog/authors/skassabian/)
 [Brad Downey](/blog/authors/6b6RTu6832NFEju2zKJhbE/)
[demo](/blog/tags/demo/)
[CI/CD](/blog/tags/CI_CD/)
GitLab CI is a powerful tool that can be used for a number of things, including [infrastructure as code](/topics/gitops/infrastructure-as-code/)
and [GitOps](/topics/gitops/)
. GitLab is tool agnostic, but we use Ansible in this demonstration because it's a language commonly used by developers for infrastructure as code. This is a [two-router demo](https://gitlab.com/bdowney/ansible-demo/blob/master/ci-cd-demo/ci.yml)
from the [Ansible networking class](https://github.com/ansible/workshops)
.
What’s particularly cool about [GitLab CI](/features/continuous-integration/)
is that the code from the [Ansible playbook](https://docs.ansible.com/ansible/latest/cli/ansible-playbook.html)
can be edited and shipped without ever having to install any dependencies locally. The demo project, which calls for an update to the SNMP strings on all devices monthly per our security policy, can be done entirely on [GitLab.com](/pricing/)
, our hosted service.
The first step is to open up the Ansible playbook, where we see four tasks:
* Gather router facts
* Display version
* Display serial number
* Configure SNMP
Configuring the SNMP strings is the focus of this demo, which can be achieved in a simple series of steps.
### Start with the issue board[](#start-with-the-issue-board)
Every plan at GitLab starts in the same place: [with an issue](/handbook/marketing/strategic-marketing/getting-started/101/)
. So the first step in the GitLab workflow is to check out the issue board within the [ansible-demo project](https://gitlab.com/bdowney/ansible-demo/-/boards)
. On the [ansible-demo issue board](https://gitlab.com/bdowney/ansible-demo/issues)
, we see that there is already an issue to [change SNMP strings on all routers](https://gitlab.com/bdowney/ansible-demo/issues/4)
. There is a link to the GitLab security policy wiki within the issue stating that SNMP strings must be rotated monthly and that there must be different strings for read-only and read-write.
 GitLab security policy calls for updating SNMP strings monthly.
We then check that the commands to configure the SNMP strings in the [two-router demo](https://gitlab.com/bdowney/ansible-demo/blob/master/ci-cd-demo/ci.yml)
follow the GitLab security policy outlined in the issue.
 The commands to configure the SNMP strings are available in the Ansible playbook.
Next, return to the issue and assign to yourself and switch the label from `to-do` to `doing` in the right sidebar of the issue, or by dragging between columns in the issue board.
### Create a merge request[](#create-a-merge-request)
The next step is to create a merge request (MR) from the issue. Double-check that the [“Work in Progress” (WIP) flag](https://docs.gitlab.com/ee/user/project/merge_requests/drafts.html)
is attached to your MR so it isn’t merged with master prematurely. Rather than connect locally, we use GitLab’s [Web IDE](https://docs.gitlab.com/ee/user/project/web_ide/)
because the changes to the SNMP strings are small.
* We open the [CI/CD](/topics/ci-cd/)
demo section.
* Go to the Ansible playbook.
* Edit the SNMP section so it reads:
-snmp-server community New-SNMP-DEMO1 RO
-snmp-server community Fun-SNMP-RW-STR RW
* Note that the RO and RW are set to different strings, per the [GitLab security policy](https://gitlab.com/bdowney/ansible-demo/wikis/Security-Policies)
outlined in the [issue](https://gitlab.com/bdowney/ansible-demo/issues/1)
.
### Commit changes[](#commit-changes)
Now that the SNMP string has been updated based on the guidelines, commit the changes. Open the side-by-side comparison of the changes to see the MR has been updated with your latest commit.
 The side-by-side comparison tool is an easy way to visualize your changes.
### Results[](#results)
Committing the changes will automatically kick off a GitLab CI pipeline. This will perform tasks such as:
* Syntax checking
* Dry-runs
* Testing of changes in lab/simulated environment
We can view the progress and output of each job in the GitLab CI pipeline to execute the SNMP updates.
 See the output from your job showing that the SNMP updates in the simulated environment were successful.
All of these tasks will be run and documented in the MR.
 The checkmarks indicate that each task in the GitLab CI pipeline passed.
Next, you can log into your lab routers and see the changes.
 The changes to the RO and RW SNMP strings are reflected in the routers.
### MR review[](#mr-review)
An optional step is to implement [MR approvals](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/)
. Implementing approvals gives more users the ability to review the changes before they are sent to production.
 The MR can be set up so another user has to review your work before it can be merged into master.
### Merging into master[](#merging-into-master)
The changes can be merged into master once the testing is complete. This is the branch that holds our production environment code.
When you're ready, click on the `Resolve Work In Progress` button. Then click `Merge`.
Resolving the WIP status will allow the MR to be merged and close out the issue.
Now a new pipeline will run all of the tests that were performed with the additional step of running the playbook in the production environment.
You can view the progress and logs from the pipelines screen. Once this process is complete, you can log into your production routers and see that the SNMP security strings have been updated.
### The magic of GitLab CI[](#the-magic-of-gitlab-ci)
The magic that made all of this possible is GitLab CI. GitLab CI pipelines are a string of sequential tasks that execute everything you need to test and implement your Ansible code.
GitLab CI is configured with a single simple [YAML file](/blog/2020/10/01/three-yaml-tips-better-pipelines/)
that lives in the repository, named `.gitlab-ci.yml`.
In this demonstration you will see our `.gitlab-ci.yml` file contains three stages.
1. Deploy: This creates the two-router simulation network, in AWS, using Ansible.
2. Demo: This executes the playbook that will change the SNMP strings.
3. Destroy: This destroys the two-router simulation network.
GitLab CI starts with a base image, in this case we are using a Docker image that contains all the required Ansible binaries and dependencies. We specify the commands to be run at each stage and the dependencies as necessary.
 A simple YAML file contains the three stages of the GitLab CI.
 A look inside the demo stage of the GitLab CI, which executes the Ansible playbook.
Peering under the hood of our pipelines shows how GitLab CI can be used to build infrastructure as code without ever having to install any Ansible dependencies onto your computer. This is just one example of how GitLab CI can be used to execute infrastructure as code. Watch the video below to see the full tutorial:
[Engineering\
\
\
\
#### Tutorial: Secure BigQuery data publishing with GitLab\
\
Read the blog](/blog/2025/03/25/tutorial-secure-bigquery-data-publishing-with-gitlab/)
[Engineering\
\
\
\
#### How we reduced MR review time with Value Stream Management\
\
Read the blog](/blog/2025/02/20/how-we-reduced-mr-review-time-with-value-stream-management/)
[Engineering\
\
\
\
#### Automating container image migration from Amazon ECR to GitLab\
\
Read the blog](/blog/2025/02/13/automating-container-image-migration-from-amazon-ecr-to-gitlab/)
### We want to hear from you
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum. [Share your feedback](https://forum.gitlab.com/new-topic?title=GitLab%20account%20security:%20Verify%20your%20information%20for%20enhanced%20protection&body=&tags=blog-feedback)
See what your team could do with a unified DevSecOps Platform.
[Get free trial](https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com)
Find out which plan works best for your team
[Learn about pricing](/pricing/)
Learn about what GitLab can do for your team
[Talk to an expert](/sales/)
---
# Explore projects · GitLab
Explore projects
================
* [Most starred](/explore/projects/starred)
* [Trending](/explore/projects/trending)
* [Active](/explore/projects)
* [Inactive](/explore/projects?archived=only)
* [All](/explore/projects?archived=true)
* [View GitLab project ](/gitlab-org/gitlab)
[GitLab.org / GitLab](/gitlab-org/gitlab "GitLab")
---------------------------------------------------
MIT License
GitLab is an open source end-to-end software development platform with built-in version control, issue tracking, code review, CI/CD, and more. Self-host GitLab on your own servers, in a container, or on a cloud provider.
[hacktoberfest](/explore/projects/topics/hacktoberfest)
[Ruby](/explore/projects/topics/ruby)
[Vue.js](/explore/projects/topics/vue.js)
\+ 1 more
[5.5k](/gitlab-org/gitlab/-/starrers "Stars")
Updated Mar 29, 2025
[5.5k](/gitlab-org/gitlab/-/starrers "Stars")
[10.9k](/gitlab-org/gitlab/-/forks "Forks")
[2.2k](/gitlab-org/gitlab/-/merge_requests "Merge requests")
[62.6k](/gitlab-org/gitlab/-/issues "Issues")
Updated Mar 29, 2025
* [View Data project ](/fdroid/fdroiddata)
[F-Droid / Data](/fdroid/fdroiddata "Data")
--------------------------------------------
GNU Affero General Public License v3.0
Data for the main F-Droid repository at [https://f-droid.org](https://f-droid.org)
[fdroid](/explore/projects/topics/fdroid)
[Android](/explore/projects/topics/android)
[apps](/explore/projects/topics/apps)
[1k](/fdroid/fdroiddata/-/starrers "Stars")
Updated Mar 29, 2025
[1k](/fdroid/fdroiddata/-/starrers "Stars")
[4.2k](/fdroid/fdroiddata/-/forks "Forks")
[88](/fdroid/fdroiddata/-/merge_requests "Merge requests")
[89](/fdroid/fdroiddata/-/issues "Issues")
Updated Mar 29, 2025
* [View www-gitlab-com project ](/gitlab-com/www-gitlab-com)
[GitLab.com / www-gitlab-com](/gitlab-com/www-gitlab-com "www-gitlab-com")
---------------------------------------------------------------------------
MIT License
Source for [https://about.gitlab.com/](https://about.gitlab.com/)
This repo/project is for the public-facing marketing website of GitLab, including improvements to the docs and the handbook.
Please file product improvement suggestions at [https://gitlab.com/gitlab-org/gitlab](https://gitlab.com/gitlab-org/gitlab)
[GitLab](/explore/projects/topics/gitlab)
[handbook](/explore/projects/topics/handbook)
[hacktoberfest](/explore/projects/topics/hacktoberfest)
[1.1k](/gitlab-com/www-gitlab-com/-/starrers "Stars")
Updated Mar 29, 2025
[1.1k](/gitlab-com/www-gitlab-com/-/starrers "Stars")
[3.1k](/gitlab-com/www-gitlab-com/-/forks "Forks")
[2k](/gitlab-com/www-gitlab-com/-/merge_requests "Merge requests")
[1.6k](/gitlab-com/www-gitlab-com/-/issues "Issues")
Updated Mar 29, 2025
* [View freedesktop-sdk project ](/freedesktop-sdk/freedesktop-sdk)
[freedesktop-sdk / freedesktop-sdk](/freedesktop-sdk/freedesktop-sdk "freedesktop-sdk")
----------------------------------------------------------------------------------------
MIT License
A minimal Linux runtime
[235](/freedesktop-sdk/freedesktop-sdk/-/starrers "Stars")
Updated Mar 29, 2025
[235](/freedesktop-sdk/freedesktop-sdk/-/starrers "Stars")
[310](/freedesktop-sdk/freedesktop-sdk/-/forks "Forks")
[66](/freedesktop-sdk/freedesktop-sdk/-/merge_requests "Merge requests")
[139](/freedesktop-sdk/freedesktop-sdk/-/issues "Issues")
Updated Mar 29, 2025
* [View tezos project ](/tezos/tezos)
[Tezos / tezos](/tezos/tezos "tezos")
--------------------------------------
[635](/tezos/tezos/-/starrers "Stars")
Updated Mar 29, 2025
[635](/tezos/tezos/-/starrers "Stars")
[438](/tezos/tezos/-/forks "Forks")
[327](/tezos/tezos/-/merge_requests "Merge requests")
[2.2k](/tezos/tezos/-/issues "Issues")
Updated Mar 29, 2025
* [View inkscape project ](/inkscape/inkscape)
[Inkscape / inkscape](/inkscape/inkscape "inkscape")
-----------------------------------------------------
Other
Inkscape vector image editor
[svg](/explore/projects/topics/svg)
[vectorgraphics](/explore/projects/topics/vectorgraphics)
[C++](/explore/projects/topics/C%252B%252B)
\+ 3 more
[3.6k](/inkscape/inkscape/-/starrers "Stars")
Updated Mar 29, 2025
[3.6k](/inkscape/inkscape/-/starrers "Stars")
[1.6k](/inkscape/inkscape/-/forks "Forks")
[136](/inkscape/inkscape/-/merge_requests "Merge requests")
[2.1k](/inkscape/inkscape/-/issues "Issues")
Updated Mar 29, 2025
* [View GitLab FOSS project ](/gitlab-org/gitlab-foss)
[GitLab.org / GitLab FOSS](/gitlab-org/gitlab-foss "GitLab FOSS")
------------------------------------------------------------------
MIT License
GitLab FOSS is a read-only mirror of GitLab, with all proprietary code removed. This project was previously used to host GitLab Community Edition, but all development has now moved to [https://gitlab.com/gitlab-org/gitlab](https://gitlab.com/gitlab-org/gitlab)
.
[7.1k](/gitlab-org/gitlab-foss/-/starrers "Stars")
Updated Mar 29, 2025
[7.1k](/gitlab-org/gitlab-foss/-/starrers "Stars")
[8.1k](/gitlab-org/gitlab-foss/-/forks "Forks")
[0](/gitlab-org/gitlab-foss/-/merge_requests "Merge requests")
[0](/gitlab-org/gitlab-foss/-/issues "Issues")
Updated Mar 29, 2025
* [View gitlab-runner project ](/gitlab-org/gitlab-runner)
[GitLab.org / gitlab-runner](/gitlab-org/gitlab-runner "gitlab-runner")
------------------------------------------------------------------------
MIT License
GitLab Runner is the open source project that is used to run your CI/CD jobs and send the results back to GitLab
[hacktoberfest](/explore/projects/topics/hacktoberfest)
[golang](/explore/projects/topics/golang)
[2.4k](/gitlab-org/gitlab-runner/-/starrers "Stars")
Updated Mar 29, 2025
[2.4k](/gitlab-org/gitlab-runner/-/starrers "Stars")
[2.4k](/gitlab-org/gitlab-runner/-/forks "Forks")
[85](/gitlab-org/gitlab-runner/-/merge_requests "Merge requests")
[3k](/gitlab-org/gitlab-runner/-/issues "Issues")
Updated Mar 29, 2025
* [View isleward project ](/Isleward/isleward)
[Isleward / isleward](/Isleward/isleward "isleward")
-----------------------------------------------------
GNU Affero General Public License v3.0
The moddable, multiplayer roguelike.
[373](/Isleward/isleward/-/starrers "Stars")
Updated Mar 29, 2025
[373](/Isleward/isleward/-/starrers "Stars")
[154](/Isleward/isleward/-/forks "Forks")
[3](/Isleward/isleward/-/merge_requests "Merge requests")
[322](/Isleward/isleward/-/issues "Issues")
Updated Mar 29, 2025
* [View Gitaly project ](/gitlab-org/gitaly)
[GitLab.org / Gitaly](/gitlab-org/gitaly "Gitaly")
---------------------------------------------------
MIT License
Gitaly is a Git RPC service for handling all the git calls made by GitLab
[GitLab](/explore/projects/topics/gitlab)
[Git](/explore/projects/topics/git)
[rpc](/explore/projects/topics/rpc)
\+ 2 more
[418](/gitlab-org/gitaly/-/starrers "Stars")
Updated Mar 29, 2025
[418](/gitlab-org/gitaly/-/starrers "Stars")
[340](/gitlab-org/gitaly/-/forks "Forks")
[49](/gitlab-org/gitaly/-/merge_requests "Merge requests")
[803](/gitlab-org/gitaly/-/issues "Issues")
Updated Mar 29, 2025
* [View TortoiseGit project ](/tortoisegit/tortoisegit)
[TortoiseGit / TortoiseGit](/tortoisegit/tortoisegit "TortoiseGit")
--------------------------------------------------------------------
GNU General Public License v2.0 or later
Windows Shell Interface to Git, [https://tortoisegit.org](https://tortoisegit.org)
[TortoiseGit](/explore/projects/topics/TortoiseGit)
[Git](/explore/projects/topics/git)
[tortoise](/explore/projects/topics/tortoise)
\+ 2 more
[650](/tortoisegit/tortoisegit/-/starrers "Stars")
Updated Mar 29, 2025
[650](/tortoisegit/tortoisegit/-/starrers "Stars")
[291](/tortoisegit/tortoisegit/-/forks "Forks")
[11](/tortoisegit/tortoisegit/-/merge_requests "Merge requests")
[399](/tortoisegit/tortoisegit/-/issues "Issues")
Updated Mar 29, 2025
* [View wget2 project\
\
W](/gnuwget/wget2)
[Wget / wget2](/gnuwget/wget2 "wget2")
---------------------------------------
GNU General Public License v3.0 or later
Main repository of GNU Wget2.
[gnu](/explore/projects/topics/gnu)
[wget](/explore/projects/topics/wget)
[http](/explore/projects/topics/http)
\+ 3 more
[395](/gnuwget/wget2/-/starrers "Stars")
Updated Mar 29, 2025
[395](/gnuwget/wget2/-/starrers "Stars")
[207](/gnuwget/wget2/-/forks "Forks")
[10](/gnuwget/wget2/-/merge_requests "Merge requests")
[195](/gnuwget/wget2/-/issues "Issues")
Updated Mar 29, 2025
* [View recalbox project ](/recalbox/recalbox)
[recalbox / recalbox](/recalbox/recalbox "recalbox")
-----------------------------------------------------
Other
The Recalbox project. Retrogaming open source solution for Raspberry Pi, PC, Odroids, and Abernic.
[retrogaming](/explore/projects/topics/retrogaming)
[os](/explore/projects/topics/os)
[Linux](/explore/projects/topics/linux)
\+ 2 more
[707](/recalbox/recalbox/-/starrers "Stars")
Updated Mar 29, 2025
[707](/recalbox/recalbox/-/starrers "Stars")
[285](/recalbox/recalbox/-/forks "Forks")
[110](/recalbox/recalbox/-/merge_requests "Merge requests")
[348](/recalbox/recalbox/-/issues "Issues")
Updated Mar 29, 2025
* [View omnibus-gitlab project ](/gitlab-org/omnibus-gitlab)
[GitLab.org / omnibus-gitlab](/gitlab-org/omnibus-gitlab "omnibus-gitlab")
---------------------------------------------------------------------------
Apache License 2.0
This project creates full-stack platform-specific downloadable packages for GitLab.
[bug](/explore/projects/topics/bug)
[confirmed](/explore/projects/topics/confirmed)
[critical](/explore/projects/topics/critical)
\+ 7 more
[671](/gitlab-org/omnibus-gitlab/-/starrers "Stars")
Updated Mar 29, 2025
[671](/gitlab-org/omnibus-gitlab/-/starrers "Stars")
[1.2k](/gitlab-org/omnibus-gitlab/-/forks "Forks")
[68](/gitlab-org/omnibus-gitlab/-/merge_requests "Merge requests")
[1.3k](/gitlab-org/omnibus-gitlab/-/issues "Issues")
Updated Mar 29, 2025
* [View iterm2 project ](/gnachman/iterm2)
[George Nachman / iterm2](/gnachman/iterm2 "iterm2")
-----------------------------------------------------
Affero General Public License v1.0
Issues site for iTerm2
[1.4k](/gnachman/iterm2/-/starrers "Stars")
Updated Mar 29, 2025
[1.4k](/gnachman/iterm2/-/starrers "Stars")
[186](/gnachman/iterm2/-/forks "Forks")
[3.3k](/gnachman/iterm2/-/issues "Issues")
Updated Mar 29, 2025
* [View ase project ](/ase/ase)
[ase / ase](/ase/ase "ase")
----------------------------
GNU Lesser General Public License v2.1 only
[Atomic Simulation Environment](https://wiki.fysik.dtu.dk/ase/)
: A Python library for working with atoms
[Atomistic si...](/explore/projects/topics/Atomistic+simulations "Atomistic simulations")
[materials](/explore/projects/topics/materials)
[physics](/explore/projects/topics/physics)
\+ 1 more
[468](/ase/ase/-/starrers "Stars")
Updated Mar 29, 2025
[468](/ase/ase/-/starrers "Stars")
[846](/ase/ase/-/forks "Forks")
[221](/ase/ase/-/merge_requests "Merge requests")
[581](/ase/ase/-/issues "Issues")
Updated Mar 29, 2025
* [View Production Engineering project ](/gitlab-com/gl-infra/production-engineering)
[GitLab.com / GitLab Infrastructure Team / Production Engineering](/gitlab-com/gl-infra/production-engineering "Production Engineering")
-----------------------------------------------------------------------------------------------------------------------------------------
Keep GitLab running and make it scale!
[229](/gitlab-com/gl-infra/production-engineering/-/starrers "Stars")
Updated Mar 29, 2025
[229](/gitlab-com/gl-infra/production-engineering/-/starrers "Stars")
[125](/gitlab-com/gl-infra/production-engineering/-/forks "Forks")
[497](/gitlab-com/gl-infra/production-engineering/-/issues "Issues")
Updated Mar 29, 2025
* [View GitLab Development Kit project ](/gitlab-org/gitlab-development-kit)
[GitLab.org / GitLab Development Kit](/gitlab-org/gitlab-development-kit "GitLab Development Kit")
---------------------------------------------------------------------------------------------------
MIT License
Get started with GitLab Rails development using the GDK.
[development](/explore/projects/topics/development)
[rails](/explore/projects/topics/rails)
[Ruby](/explore/projects/topics/ruby)
\+ 1 more
[740](/gitlab-org/gitlab-development-kit/-/starrers "Stars")
Updated Mar 29, 2025
[740](/gitlab-org/gitlab-development-kit/-/starrers "Stars")
[859](/gitlab-org/gitlab-development-kit/-/forks "Forks")
[77](/gitlab-org/gitlab-development-kit/-/merge_requests "Merge requests")
[548](/gitlab-org/gitlab-development-kit/-/issues "Issues")
Updated Mar 29, 2025
* [View tasks project\
\
T](/gitlab-org/release/tasks)
[GitLab.org / release / tasks](/gitlab-org/release/tasks "tasks")
------------------------------------------------------------------
MIT License
GitLab release tasks project, release managers issue tracker
[66](/gitlab-org/release/tasks/-/starrers "Stars")
Updated Mar 29, 2025
[66](/gitlab-org/release/tasks/-/starrers "Stars")
[188](/gitlab-org/release/tasks/-/forks "Forks")
[2](/gitlab-org/release/tasks/-/merge_requests "Merge requests")
[1.2k](/gitlab-org/release/tasks/-/issues "Issues")
Updated Mar 29, 2025
* [View release-tools project ](/gitlab-org/release-tools)
[GitLab.org / release-tools](/gitlab-org/release-tools "release-tools")
------------------------------------------------------------------------
MIT License
Instructions and tools for releasing GitLab.
[hacktoberfest](/explore/projects/topics/hacktoberfest)
[94](/gitlab-org/release-tools/-/starrers "Stars")
Updated Mar 29, 2025
[94](/gitlab-org/release-tools/-/starrers "Stars")
[142](/gitlab-org/release-tools/-/forks "Forks")
[44](/gitlab-org/release-tools/-/merge_requests "Merge requests")
Updated Mar 29, 2025
* Prev
* [Next](/explore/projects/trending?non_archived=true&page=2&sort=latest_activity_desc&trending=true)
---