CISA sounds alarm on critical GitLab flaw under active exploit

The US Cybersecurity and Infrastructure Security Agency (CISA) has labelled a critical vulnerability affecting the popular Git-based repository manager GitLab as a Known Exploited Vulnerability (KEV). The move comes in response to active exploitation attempts detected in the wild, underscoring the urgency for organisations to promptly apply security updates.

Tracked as CVE-2023-7028, the severe flaw (CVSS score: 10.0) could enable adversaries to take over user accounts by sending...

David DeSanto, GitLab: AI’s impact on software development in 2024

David DeSanto, Chief Product Officer at GitLab, foresees a paradigm shift in the realm of software development in 2024—with AI taking centre stage.

GitLab's 2023 Global DevSecOps Report serves as the foundation for these predictions, offering a glimpse into the future landscape of organisations' software development toolchains.

AI bias: A hurdle on the path to progress

In the short term, the accelerated integration of AI tools may present a formidable challenge: an...

GitLab pivots on decision to wipe dormant projects

GitLab appears to have pivoted on a decision to automatically wipe dormant projects.

On Thursday, The Register reported that GitLab planned to delete projects that have been inactive for a year and are owned by free users. The policy was due to come into effect in late September.

GitLab is said to have estimated the policy would save it up to $1 million a year. However, following the report, GitLab’s technically unannounced policy received significant...

GitLab: 2020 was a ‘catalyst for DevOps maturation’

GitLab’s fifth annual DevSecOps survey reveals that last year was pivotal for the maturation of DevOps.

The only silver lining from the disaster of a year that was 2020 is that it helped to highlight inefficiencies with legacy processes and technologies. As the world looks to "build back better" from the pandemic, the work of DevOps teams should provide some inspiration.

Eric Johnson, CTO at GitLab, said:

“This year’s Global DevSecOps Survey shows that...

Featured: Developer’s list of innovative companies to watch in 2021

Governments may not have classed developers as “essential workers” during the pandemic, but we know they are.

The companies in our most innovative companies list for 2021 are helping developers to deliver the full potential of their visions quickly which, in turn, is often helping end-users in ways that can’t be understated.

In alphabetical order:

Appery

Appery’s mission is to “accelerate your mobile innovation” and its low-code app...