GitLab Security Essentials Training

Overview

This class covers all of the essential security capabilities of GitLab, including Static Application Security Testing, secret detection, Dynamic Application Security Testing, dependency scanning, container scanning, API security, and compliance.

Since most of these features are only available for customers with an Ultimate license, this course is intended for Ultimate customers only.

Target Audience

  • Project managers, developers, DevSecOps engineers, and security specialists who are using GitLab with the Ultimate license
  • Prerequisite knowledge

Get in Touch

Interested in scheduling an instructor-led training session? Contact us at training@gitlab.com.

What's Included

Certified Instructors

Learn from the best — courses led by GitLab-certified experts.

Hands-On

Build your own skills quickly to take back and apply on your own projects.

Live Q&A

Instantly query instructors and peers during live sessions.

Structured Success

Complete methodical training for tangible outcomes.

Price

Please reach out to your Account Representative for details on pricing.

Duration

Remote: Delivered in a single day, including 1-hour break for lunch.
On-site: Delivered in a single day, including 1-hour break for lunch.

Class Size

Maximum 12 attendees. Order this seat add-on to increase total seats per class.

Languages

This class can be taught in the following language(s):

  • English
  • German
  • French

Course Syllabus

TopicOverview
Security in the Software Delivery Life Cycle
  • Shift security left and right
  • Choose security scanners
  • Leverage vulnerability management and vulnerability reports
  • Use security best practices
Static Application Security Detection (SAST) and secret detection
  • Solve problems with SAST
  • Use best practices for implementing SAST scanners
  • Solve problems with secret detection
  • Use best practices for implementing secret detection scanners
Addressing vulnerabilities
  • View vulnerabilities in merge requests, vulnerability reports, and pipeline reports
  • Use best practices for triaging vulnerabilities
  • Use AI to resolve vulnerabilities
Dependency scanning and Infrastructure as Code (IaC) scanning
  • Solve problems with dependency scanning
  • Use best practices for implementing dependency scanners
  • Solve problems with IaC scanning
  • Use best practices for implementing IaC scanners
Container scanning
  • Solve problems with container scanning
  • Use best practices for implementing container scanners
API security and Dynamic Application Security Testing (DAST)
  • Solve problems with API security
  • Use best practices for implementing API security
  • Solve problems with DAST
  • Use best practices for implementing DAST scanners
Operational container scanning
  • Solve problems with operational container scanning
  • Use best practices for implementing operational container scanners
Compliance
  • Align with common compliance standards
  • Identify and enforce compliance requirements
  • Track security-related actions
  • Gather audit events for processing
  • Control what can be pushed to a repository

System Requirements

Computer with internet access and Git installed, per the requirements specified here.

Training Purchases

All GitLab Trainings purchased pursuant to an applicable Order Form must be used within twelve (12) months of the Start Date indicated therein; failure to do so will result in cancellation of any outstanding GitLab Trainings ordered but not used within twelve (12) months of the date of the Start Date. In no event will GitLab be responsible for any refund or credit with regard to any GitLab Trainings purchased but not otherwise utilized within the foregoing time frames.

Recording

Recording and/or distribution of recordings of Training Session in any way is strictly prohibited.

Get in Touch

Interested in scheduling an instructor-led training session? Contact us at training@gitlab.com.