The site that you are currently viewing is a static version of the Software Factory documentation delivered with the

version v7.2.
For up-to-date documentation, see the latest version.

Secure

GitLab security scanners for SAST, DAST, SCA, and secret detection

GitLab secure

GitLab Ultimate embeds a suite of security scanners directly into your CI/CD pipelines. They cover two complementary approaches: static analysis (source code, dependencies, secrets) and dynamic analysis (running application). All results are centralised in a single vulnerability report within GitLab.

Tip

Not familiar with the terminology? See SAST, DAST, SCA and other security terms in the glossary.


Dynamic Application Security Testing (DAST)

Test a running application for vulnerabilities with GitLab DAST

Static Application Security Testing (SAST)

Identify source code vulnerabilities with GitLab SAST analyzers

Software Composition Analysis (SCA)

Analyze dependencies and container images for known vulnerabilities

Secret Detection

Scan your codebase for leaked secrets, API keys, and passwords

Security Policies

Enforce security requirements on merge requests, scans, and pipelines

Vulnerability Report

View, triage, and remediate vulnerabilities across your projects