[{"data":1,"prerenderedAt":1072},["ShallowReactive",2],{"/en-us/the-source/security/compliance-at-the-speed-of-ai-reimagining-grc/":3,"footer-en-us":54,"the-source-navigation-en-us":361,"the-source-newsletter-en-us":388,"compliance-at-the-speed-of-ai-reimagining-grc-article-hero-category-en-us":400,"compliance-at-the-speed-of-ai-reimagining-grc-the-source-gated-asset-en-us":423,"compliance-at-the-speed-of-ai-reimagining-grc-category-en-us":438,"compliance-at-the-speed-of-ai-reimagining-grc-the-source-resources-en-us":450,"compliance-at-the-speed-of-ai-reimagining-grc-article-hero-author-en-us":482},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"config":8,"seo":15,"content":19,"type":46,"slug":47,"category":5,"_id":48,"_type":49,"title":7,"_source":50,"_file":51,"_stem":52,"_extension":53},"/en-us/the-source/security/compliance-at-the-speed-of-ai-reimagining-grc","security",false,"",{"layout":9,"template":10,"articleType":11,"author":12,"featured":13,"gatedAsset":14},"the-source","TheSourceArticle","Regular","ayoub-fandi",true,"source-lp-devsecops-the-key-to-modern-security-resilience",{"title":16,"description":17,"ogImage":18},"Compliance at the speed of AI: Reimagining GRC","Is your governance, risk, and compliance strategy keeping pace with AI-accelerated development? Learn how to prepare for secure software delivery at scale.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463857/sb6to0pyohg2ubpxf3ex.png",{"title":16,"date":20,"description":17,"timeToRead":21,"heroImage":18,"keyTakeaways":22,"articleBody":26,"faq":27},"2025-05-14","6 min read",[23,24,25],"Traditional GRC approaches fail in modern development environments because they operate on quarterly/annual cycles while DevSecOps teams deploy code multiple times daily, creating a fundamental timing mismatch and compliance that exists only on paper.","Successful GRC modernization requires shifting from a project to a product mindset, building continuous compliance into development pipelines, and automating evidence collection as a byproduct of normal development activities.","Organizations must create unified information flows between security functions, replace manual processes with API-driven automation, and redefine metrics to focus on risk reduction rather than compliance artifacts.","The software release calendar has been replaced by a continuous flow of updates and innovations. Yet many organizations still approach compliance like it's 2010.\n\nThe adoption of DevOps practices fundamentally changed the game, compressing release cycles from months to days or even hours. Organizations that once celebrated quarterly releases now deploy to production dozens or hundreds of times daily. This acceleration has delivered enormous business value - faster time to market, quicker feedback loops, and increased competitive advantage.\n\nNow add AI-powered development tools to the mix. Large language models, AI coding assistants, and [AI agents](https://about.gitlab.com/the-source/ai/agentic-ai-unlocking-developer-potential-at-scale/) have become sophisticated enough to generate substantial amounts of functional code with minimal human input.\n\nHowever, this creates a significant challenge for governance, risk, and compliance (GRC) teams, who are often still using approaches designed for a world where releases occur quarterly, rather than hourly. Traditional GRC approaches simply weren't designed for this velocity and scale - it’s like trying to monitor and track every car on every highway in the world with a pen and paper.\n\n## Why traditional GRC falls short\nThe fundamental mismatch between modern development and traditional GRC starts with timing. While DevSecOps teams operate continuously, traditional GRC functions typically operate on quarterly or annual cycles. Annual penetration tests, quarterly compliance control testing, and monthly risk assessments simply can't keep pace with environments that change hourly. By the time a traditional security assessment is complete, the system being evaluated may have undergone dozens of changes.\n\nThe gap between automated infrastructure and manual compliance processes compounds this timing mismatch. Cloud-native applications automatically scale resources up and down in response to demand. Infrastructure-as-code templates can spin up and tear down entire environments with a single command. Meanwhile, compliance verification still relies heavily on manual evidence collection and human review. GRC teams can spend days taking screenshots of configurations that were automatically changed minutes after they documented them.\n\nThe result is security compliance that exists largely on paper but bears little resemblance to operational reality. When your integrated DevSecOps platform supports hundreds of deployments daily, yet your GRC team still manually collects screenshots every quarter for audit purposes, you have a fundamental disconnect. Risk registers become outdated almost immediately. Compliance certifications verify controls that may no longer exist in the form originally documented. And security policies address threats to systems that have since been redesigned or replaced entirely.\n\n## Transforming GRC for modern DevSecOps\nI’ve seen this tension unfold in countless organizations. Here are a few steps you can take now to help GRC keep up:\n\n### Think about GRC as a product, not a project\nThe first step in transforming GRC for modern DevSecOps environments requires a fundamental shift in thinking. Traditional GRC operates as a project - a recurring set of activities with a defined beginning and end. Modern GRC needs to function as a product - a continuously evolving set of capabilities that deliver ongoing value.\n\nThis product mindset transforms how we approach compliance and security. Instead of preparing for an annual SOC 2 audit by scrambling to collect evidence in the weeks before the auditor arrives, think about building continuous compliance directly into your development pipeline. Instead of quarterly risk management assessments, aim for real-time visibility. And look for ways to embed governance in daily operations, with version-controlled policies managed like code using Markdown.\n\nWithin [a unified DevSecOps platform](https://about.gitlab.com/platform/), this product-based approach happens naturally. Security scans become part of the merge request process. Compliance requirements transform into pipeline rules that run with every commit. And audit evidence is automatically collected as a byproduct of normal development activities. The result? The focus shifts from \"passing the audit\" to \"[building securely by default](https://about.gitlab.com/the-source/security/strengthen-your-cybersecurity-strategy-with-secure-by-design/).\"\n\n### Create unified, automated information flows\nYou’ll also need to rethink both the architecture of your GRC program and the engineering approach behind it. Begin by establishing unified information flows among security, risk, and compliance functions. A vulnerability found in a security scan should automatically update your risk register and compliance status without manual intervention. This unified data model ensures everyone works from a single source of truth, breaking down siloes between security and development teams.\n\nThe next step is to replace manual evidence collection with API-driven automation. Instead of taking screenshots of access control settings, implement API calls that query your identity provider and generate access reports automatically. Rather than manually reviewing infrastructure settings, pull configuration data directly from your cloud providers. Every security setting that requires verification should be accessible programmatically.\n\nPerhaps most importantly, leverage the same pipeline-based approach for security that you use for code validation. [Integrated CI/CD pipelines](https://about.gitlab.com/blog/ultimate-guide-to-ci-cd-fundamentals-to-advanced-implementation/) allow you to define security and compliance requirements as code, running automated validation with every change. This infrastructure-as-code approach ensures that security controls are implemented consistently and verified continuously, eliminating the gap between documented controls and operational reality.\n\n### Connect GRC to business value\nThe practical implementation of these changes doesn't happen overnight, but organizations can follow a clear path to transform their GRC approach.\n\nFirst, bridge the cultural and language gap between GRC and engineering teams. Security professionals need to understand how developers work, while engineers need to appreciate security requirements. This mutual understanding creates the foundation for effective collaboration. Create joint working sessions where compliance teams learn basic Git workflows while developers understand compliance requirements in concrete terms.\n\nNext, redefine success metrics to focus on risk reduction rather than compliance artifacts. Instead of tracking the number of policies documented or controls tested, measure actual security outcomes: vulnerability remediation times, security issues found in production versus development, and the number of compliance exceptions. These outcome-based metrics drive real improvements in security posture.\n\nThis transforms GRC from a necessary evil to a business enabler. When [security and compliance are built into development workflows](https://about.gitlab.com/the-source/security/beyond-shift-left-engineering-supply-chain-safety-at-scale/), they stop being roadblocks and become competitive advantages. Organizations with integrated security can ship faster and with greater confidence than those with traditional bolted-on approaches.\n\nThis transformation becomes even more powerful within a unified platform. End-to-end visibility across the entire software development lifecycle creates unmatched transparency into security status. The same controls that verify code quality can enforce security requirements, creating a seamless experience for developers while maintaining strong governance for security teams.\n\n## Security as an enabler, not a bottleneck\nAs AI-accelerated development transforms software development, GRC must evolve from a checkpoint process to an integral part of the development workflow. Organizations can maintain strong governance without sacrificing speed by adopting a product mindset, reimagining GRC architecture, and implementing engineering solutions that match the pace of modern development. The future of GRC isn't about slowing down development - it's about building security and compliance into every step of the process, enabling teams to move faster with greater confidence.",[28,31,34,37,40,43],{"header":29,"content":30},"Why do traditional GRC models struggle in modern software environments?","Traditional GRC models operate on quarterly or annual cycles, but DevSecOps teams now deploy code multiple times a day. This timing mismatch means compliance efforts often lag behind actual development changes, making them ineffective in dynamic environments.",{"header":32,"content":33},"What does it mean to treat GRC as a product instead of a project?","Viewing GRC as a product means continuously evolving and embedding compliance into daily workflows, rather than treating it as a periodic event. It’s about creating always-on capabilities like automated evidence collection and policy enforcement through code.",{"header":35,"content":36},"How can automation improve governance and compliance?","Automation reduces the reliance on manual reviews and paperwork by using API calls and pipeline integrations to validate security settings and collect audit data. This makes compliance scalable, real-time, and aligned with the pace of software delivery.",{"header":38,"content":39},"What tools or strategies support continuous compliance?","Unified DevSecOps platforms with integrated CI/CD pipelines support continuous compliance. They allow you to define security policies as code, apply them automatically with every change, and log evidence of compliance as part of normal workflows.",{"header":41,"content":42},"How should success be measured in modern GRC programs?","Instead of counting controls or documented policies, success should be measured through real-world outcomes like faster vulnerability remediation, fewer security exceptions, and better security hygiene from development to production.",{"header":44,"content":45},"How can AI development practices coexist with compliance requirements?","By embedding guardrails and governance into the software pipeline, AI-powered development can align with compliance needs. Structured policies, automated validation, and continuous monitoring ensure security isn’t compromised while enabling fast iteration.","article","compliance-at-the-speed-of-ai-reimagining-grc","content:en-us:the-source:security:compliance-at-the-speed-of-ai-reimagining-grc:index.yml","yaml","content","en-us/the-source/security/compliance-at-the-speed-of-ai-reimagining-grc/index.yml","en-us/the-source/security/compliance-at-the-speed-of-ai-reimagining-grc/index","yml",{"_path":55,"_dir":56,"_draft":6,"_partial":6,"_locale":7,"data":57,"_id":357,"_type":49,"title":358,"_source":50,"_file":359,"_stem":360,"_extension":53},"/shared/en-us/main-footer","en-us",{"text":58,"source":59,"edit":65,"contribute":70,"config":75,"items":80,"minimal":349},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":60,"config":61},"View page source",{"href":62,"dataGaName":63,"dataGaLocation":64},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":66,"config":67},"Edit this page",{"href":68,"dataGaName":69,"dataGaLocation":64},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":71,"config":72},"Please contribute",{"href":73,"dataGaName":74,"dataGaLocation":64},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":76,"facebook":77,"youtube":78,"linkedin":79},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[81,108,181,249,311],{"title":82,"links":83,"subMenu":89},"Platform",[84],{"text":85,"config":86},"DevSecOps platform",{"href":87,"dataGaName":88,"dataGaLocation":64},"/platform/","devsecops platform",[90],{"title":91,"links":92},"Pricing",[93,98,103],{"text":94,"config":95},"View plans",{"href":96,"dataGaName":97,"dataGaLocation":64},"/pricing/","view plans",{"text":99,"config":100},"Why Premium?",{"href":101,"dataGaName":102,"dataGaLocation":64},"/pricing/premium/","why premium",{"text":104,"config":105},"Why Ultimate?",{"href":106,"dataGaName":107,"dataGaLocation":64},"/pricing/ultimate/","why ultimate",{"title":109,"links":110},"Solutions",[111,116,121,126,131,136,141,146,151,156,161,166,171,176],{"text":112,"config":113},"Digital transformation",{"href":114,"dataGaName":115,"dataGaLocation":64},"/topics/digital-transformation/","digital transformation",{"text":117,"config":118},"Security & Compliance",{"href":119,"dataGaName":120,"dataGaLocation":64},"/solutions/security-compliance/","security & compliance",{"text":122,"config":123},"Automated software delivery",{"href":124,"dataGaName":125,"dataGaLocation":64},"/solutions/delivery-automation/","automated software delivery",{"text":127,"config":128},"Agile development",{"href":129,"dataGaName":130,"dataGaLocation":64},"/solutions/agile-delivery/","agile delivery",{"text":132,"config":133},"Cloud transformation",{"href":134,"dataGaName":135,"dataGaLocation":64},"/topics/cloud-native/","cloud transformation",{"text":137,"config":138},"SCM",{"href":139,"dataGaName":140,"dataGaLocation":64},"/solutions/source-code-management/","source code management",{"text":142,"config":143},"CI/CD",{"href":144,"dataGaName":145,"dataGaLocation":64},"/solutions/continuous-integration/","continuous integration & delivery",{"text":147,"config":148},"Value stream management",{"href":149,"dataGaName":150,"dataGaLocation":64},"/solutions/value-stream-management/","value stream management",{"text":152,"config":153},"GitOps",{"href":154,"dataGaName":155,"dataGaLocation":64},"/solutions/gitops/","gitops",{"text":157,"config":158},"Enterprise",{"href":159,"dataGaName":160,"dataGaLocation":64},"/enterprise/","enterprise",{"text":162,"config":163},"Small business",{"href":164,"dataGaName":165,"dataGaLocation":64},"/small-business/","small business",{"text":167,"config":168},"Public sector",{"href":169,"dataGaName":170,"dataGaLocation":64},"/solutions/public-sector/","public sector",{"text":172,"config":173},"Education",{"href":174,"dataGaName":175,"dataGaLocation":64},"/solutions/education/","education",{"text":177,"config":178},"Financial services",{"href":179,"dataGaName":180,"dataGaLocation":64},"/solutions/finance/","financial services",{"title":182,"links":183},"Resources",[184,189,194,199,204,209,214,219,224,229,234,239,244],{"text":185,"config":186},"Install",{"href":187,"dataGaName":188,"dataGaLocation":64},"/install/","install",{"text":190,"config":191},"Quick start guides",{"href":192,"dataGaName":193,"dataGaLocation":64},"/get-started/","quick setup checklists",{"text":195,"config":196},"Learn",{"href":197,"dataGaName":198,"dataGaLocation":64},"https://university.gitlab.com/","learn",{"text":200,"config":201},"Product documentation",{"href":202,"dataGaName":203,"dataGaLocation":64},"https://docs.gitlab.com/","docs",{"text":205,"config":206},"Blog",{"href":207,"dataGaName":208,"dataGaLocation":64},"/blog/","blog",{"text":210,"config":211},"Customer success stories",{"href":212,"dataGaName":213,"dataGaLocation":64},"/customers/","customer success stories",{"text":215,"config":216},"Remote",{"href":217,"dataGaName":218,"dataGaLocation":64},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":220,"config":221},"GitLab Services",{"href":222,"dataGaName":223,"dataGaLocation":64},"/services/","services",{"text":225,"config":226},"TeamOps",{"href":227,"dataGaName":228,"dataGaLocation":64},"/teamops/","teamops",{"text":230,"config":231},"Community",{"href":232,"dataGaName":233,"dataGaLocation":64},"/community/","community",{"text":235,"config":236},"Forum",{"href":237,"dataGaName":238,"dataGaLocation":64},"https://forum.gitlab.com/","forum",{"text":240,"config":241},"Events",{"href":242,"dataGaName":243,"dataGaLocation":64},"/events/","events",{"text":245,"config":246},"Partners",{"href":247,"dataGaName":248,"dataGaLocation":64},"/partners/","partners",{"title":250,"links":251},"Company",[252,257,262,267,272,277,282,286,291,296,301,306],{"text":253,"config":254},"About",{"href":255,"dataGaName":256,"dataGaLocation":64},"/company/","company",{"text":258,"config":259},"Jobs",{"href":260,"dataGaName":261,"dataGaLocation":64},"/jobs/","jobs",{"text":263,"config":264},"Leadership",{"href":265,"dataGaName":266,"dataGaLocation":64},"/company/team/e-group/","leadership",{"text":268,"config":269},"Team",{"href":270,"dataGaName":271,"dataGaLocation":64},"/company/team/","team",{"text":273,"config":274},"Handbook",{"href":275,"dataGaName":276,"dataGaLocation":64},"https://handbook.gitlab.com/","handbook",{"text":278,"config":279},"Investor relations",{"href":280,"dataGaName":281,"dataGaLocation":64},"https://ir.gitlab.com/","investor relations",{"text":283,"config":284},"Sustainability",{"href":285,"dataGaName":283,"dataGaLocation":64},"/sustainability/",{"text":287,"config":288},"Diversity, inclusion and belonging (DIB)",{"href":289,"dataGaName":290,"dataGaLocation":64},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":292,"config":293},"Trust Center",{"href":294,"dataGaName":295,"dataGaLocation":64},"/security/","trust center",{"text":297,"config":298},"Newsletter",{"href":299,"dataGaName":300,"dataGaLocation":64},"/company/contact/","newsletter",{"text":302,"config":303},"Press",{"href":304,"dataGaName":305,"dataGaLocation":64},"/press/","press",{"text":307,"config":308},"Modern Slavery Transparency Statement",{"href":309,"dataGaName":310,"dataGaLocation":64},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"title":312,"links":313},"Contact Us",[314,319,324,329,334,339,344],{"text":315,"config":316},"Contact an expert",{"href":317,"dataGaName":318,"dataGaLocation":64},"/sales/","sales",{"text":320,"config":321},"Get help",{"href":322,"dataGaName":323,"dataGaLocation":64},"/support/","get help",{"text":325,"config":326},"Customer portal",{"href":327,"dataGaName":328,"dataGaLocation":64},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"text":330,"config":331},"Status",{"href":332,"dataGaName":333,"dataGaLocation":64},"https://status.gitlab.com/","status",{"text":335,"config":336},"Terms of use",{"href":337,"dataGaName":338,"dataGaLocation":64},"/terms/","terms of use",{"text":340,"config":341},"Privacy statement",{"href":342,"dataGaName":343,"dataGaLocation":64},"/privacy/","privacy statement",{"text":345,"config":346},"Cookie preferences",{"dataGaName":347,"dataGaLocation":64,"id":348,"isOneTrustButton":13},"cookie preferences","ot-sdk-btn",{"items":350},[351,353,355],{"text":335,"config":352},{"href":337,"dataGaName":338,"dataGaLocation":64},{"text":340,"config":354},{"href":342,"dataGaName":343,"dataGaLocation":64},{"text":345,"config":356},{"dataGaName":347,"dataGaLocation":64,"id":348,"isOneTrustButton":13},"content:shared:en-us:main-footer.yml","Main Footer","shared/en-us/main-footer.yml","shared/en-us/main-footer",{"_path":362,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"logo":363,"subscribeLink":368,"navItems":372,"_id":384,"_type":49,"title":385,"_source":50,"_file":386,"_stem":387,"_extension":53},"/shared/en-us/the-source/navigation",{"altText":364,"config":365},"the source logo",{"src":366,"href":367},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750191004/t7wz1klfb2kxkezksv9t.svg","/the-source/",{"text":369,"config":370},"Subscribe",{"href":371},"#subscribe",[373,377,380],{"text":374,"config":375},"Artificial Intelligence",{"href":376},"/the-source/ai/",{"text":117,"config":378},{"href":379},"/the-source/security/",{"text":381,"config":382},"Platform & Infrastructure",{"href":383},"/the-source/platform/","content:shared:en-us:the-source:navigation.yml","Navigation","shared/en-us/the-source/navigation.yml","shared/en-us/the-source/navigation",{"_path":389,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"title":390,"description":391,"submitMessage":392,"formData":393,"_id":397,"_type":49,"_source":50,"_file":398,"_stem":399,"_extension":53},"/shared/en-us/the-source/newsletter","The Source Newsletter","Stay updated with insights for the future of software development.","You have successfully signed up for The Source’s newsletter.",{"config":394},{"formId":395,"formName":396,"hideRequiredLabel":13},1077,"thesourcenewsletter","content:shared:en-us:the-source:newsletter.yml","shared/en-us/the-source/newsletter.yml","shared/en-us/the-source/newsletter",{"_path":401,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"type":402,"config":403,"seo":404,"content":407,"slug":5,"_id":420,"_type":49,"title":7,"_source":50,"_file":421,"_stem":422,"_extension":53},"/en-us/the-source/security","category",{"layout":9},{"title":117,"description":405,"ogImage":406},"Get up to speed on how organizations can ensure they're staying on top of evolving security threats and compliance requirements.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463273/aplkxrvwpii26xao5yhi.png",[408,413],{"componentName":409,"type":409,"componentContent":410},"TheSourceCategoryHero",{"title":117,"description":405,"image":411},{"config":412},{"src":406},{"componentName":414,"type":414,"componentContent":415},"TheSourceCategoryMainSection",{"config":416},{"gatedAssets":417},[418,14,419],"source-lp-guide-to-dynamic-sboms","application-security-in-the-digital-age","content:en-us:the-source:security:index.yml","en-us/the-source/security/index.yml","en-us/the-source/security/index",{"_path":424,"_dir":425,"_draft":6,"_partial":6,"_locale":7,"config":426,"title":427,"description":428,"link":429,"_id":435,"_type":49,"_source":50,"_file":436,"_stem":437,"_extension":53},"/shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience","gated-assets",{"id":14},"DevSecOps: The key to modern security resilience","Learn how embedding security in development can slash incident response time by 720x and save millions in security costs annually.",{"text":430,"config":431},"Download the guide",{"href":432,"dataGaName":433,"dataGaLocation":434},"https://about.gitlab.com/the-source/security/devsecops-the-key-to-modern-security-resilience/","DevSecOps the key to modern security resilience","thesource","content:shared:en-us:the-source:gated-assets:source-lp-devsecops-the-key-to-modern-security-resilience.yml","shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience.yml","shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience",{"_path":401,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"type":402,"config":439,"seo":440,"content":441,"slug":5,"_id":420,"_type":49,"title":7,"_source":50,"_file":421,"_stem":422,"_extension":53},{"layout":9},{"title":117,"description":405,"ogImage":406},[442,446],{"componentName":409,"type":409,"componentContent":443},{"title":117,"description":405,"image":444},{"config":445},{"src":406},{"componentName":414,"type":414,"componentContent":447},{"config":448},{"gatedAssets":449},[418,14,419],[451,465,469],{"_path":452,"_dir":425,"_draft":6,"_partial":6,"_locale":7,"config":453,"title":455,"description":456,"link":457,"_id":462,"_type":49,"_source":50,"_file":463,"_stem":464,"_extension":53},"/shared/en-us/the-source/gated-assets/application-security-in-the-digital-age",{"id":419,"formId":454},1002,"Application security in the digital age","Read our survey findings from more than 5,000 DevSecOps professionals worldwide for insights on how organizations are grappling with increasing attack surfaces and changing attitudes towards security and AI.",{"text":458,"config":459},"Read the report",{"href":460,"dataGaName":461,"dataGaLocation":434},"https://about.gitlab.com/developer-survey/2024/security-compliance","Application Security in the Digital Age","content:shared:en-us:the-source:gated-assets:application-security-in-the-digital-age.yml","shared/en-us/the-source/gated-assets/application-security-in-the-digital-age.yml","shared/en-us/the-source/gated-assets/application-security-in-the-digital-age",{"_path":424,"_dir":425,"_draft":6,"_partial":6,"_locale":7,"config":466,"title":427,"description":428,"link":467,"_id":435,"_type":49,"_source":50,"_file":436,"_stem":437,"_extension":53},{"id":14},{"text":430,"config":468},{"href":432,"dataGaName":433,"dataGaLocation":434},{"_path":470,"_dir":425,"_draft":6,"_partial":6,"_locale":7,"config":471,"title":472,"description":473,"link":474,"_id":479,"_type":49,"_source":50,"_file":480,"_stem":481,"_extension":53},"/shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms",{"id":418},"Guide to dynamic SBOMs: An integral element of modern software development","Learn how to gain visibility into previously unidentified organizational risks with a software bill of materials (SBOM).",{"text":475,"config":476},"Read the guide",{"href":477,"dataGaName":478,"dataGaLocation":434},"https://about.gitlab.com/the-source/security/guide-to-dynamic-sboms/","Guide to Dynamic SBOMs","content:shared:en-us:the-source:gated-assets:source-lp-guide-to-dynamic-sboms.yml","shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms.yml","shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms",[483,508,524,542,557,577,598,620,636,655,677,695,716,732,751,768,786,806,824,843,864,885,901,917,937,955,976,994,1013,1029,1050],{"_path":484,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":486,"seo":487,"content":489,"type":503,"slug":504,"_id":505,"_type":49,"title":488,"_source":50,"_file":506,"_stem":507,"_extension":53},"/en-us/the-source/authors/amanda-rueda","authors",{"layout":9},{"title":488},"Amanda Rueda",[490,501],{"type":491,"componentName":491,"componentContent":492},"TheSourceAuthorHero",{"config":493,"name":488,"role":496,"bio":497,"headshot":498},{"gitlabHandle":494,"linkedInProfileUrl":495},"amandarueda","https://www.linkedin.com/in/amandamrueda/","Senior Product Manager","Amanda Rueda is a Senior Product Manager at GitLab, specializing in strategic product vision, agile planning, and leveraging AI to enhance workflows and user experiences. Amanda is a thought leader in agile planning and product management workflows, and enjoys building GitLab features that drive team collaboration, transparent project management, and high-performing teams.",{"altText":488,"config":499},{"src":500},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463383/osecw1pzbxvb7fhqhiky.png",{"componentName":502,"type":502},"TheSourceArticlesList","author","amanda-rueda","content:en-us:the-source:authors:amanda-rueda.yml","en-us/the-source/authors/amanda-rueda.yml","en-us/the-source/authors/amanda-rueda",{"_path":509,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":510,"seo":511,"content":513,"type":503,"slug":520,"_id":521,"_type":49,"title":512,"_source":50,"_file":522,"_stem":523,"_extension":53},"/en-us/the-source/authors/andre-michael-braun",{"layout":9},{"title":512},"Andre Michael Braun",[514,519],{"type":491,"componentName":491,"componentContent":515},{"name":512,"headshot":516},{"altText":512,"config":517},{"src":518},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463336/yl27k7wdlnkzsizwknn1.jpg",{"componentName":502,"type":502},"andre-michael-braun","content:en-us:the-source:authors:andre-michael-braun.yml","en-us/the-source/authors/andre-michael-braun.yml","en-us/the-source/authors/andre-michael-braun",{"_path":525,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":526,"seo":527,"content":529,"type":503,"slug":538,"_id":539,"_type":49,"title":528,"_source":50,"_file":540,"_stem":541,"_extension":53},"/en-us/the-source/authors/andrew-haschka",{"layout":9},{"title":528},"Andrew Haschka",[530,537],{"type":491,"componentName":491,"componentContent":531},{"name":528,"role":532,"bio":533,"headshot":534},"Field CTO, Asia Pacific & Japan","Andrew Haschka is the CTO for Asia Pacific & Japan at GitLab, acting as the trusted advisor to GitLab partners and customers. Andrew takes a consultative approach to address common and unique business requirements. He provides subject matter expertise and industry experience throughout the customer’s modernisation journey, working with product management and engineering teams to evolve product features to meet market demand.",{"altText":528,"config":535},{"src":536},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463349/z1qnc4uxmqgg3hnm3da4.png",{"componentName":502,"type":502},"andrew-haschka","content:en-us:the-source:authors:andrew-haschka.yml","en-us/the-source/authors/andrew-haschka.yml","en-us/the-source/authors/andrew-haschka",{"_path":543,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":544,"seo":545,"content":547,"type":503,"slug":12,"_id":554,"_type":49,"title":546,"_source":50,"_file":555,"_stem":556,"_extension":53},"/en-us/the-source/authors/ayoub-fandi",{"layout":9},{"title":546},"Ayoub Fandi",[548,553],{"componentName":491,"type":491,"componentContent":549},{"name":546,"headshot":550},{"altText":546,"config":551},{"src":552},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463329/wyp554loeyoibx3ozren.jpg",{"componentName":502,"type":502},"content:en-us:the-source:authors:ayoub-fandi.yml","en-us/the-source/authors/ayoub-fandi.yml","en-us/the-source/authors/ayoub-fandi",{"_path":558,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":559,"seo":560,"content":562,"type":503,"slug":573,"_id":574,"_type":49,"title":561,"_source":50,"_file":575,"_stem":576,"_extension":53},"/en-us/the-source/authors/bob-stevens",{"layout":9},{"title":561},"Bob Stevens",[563,572],{"componentName":491,"type":491,"componentContent":564},{"config":565,"name":561,"role":568,"headshot":569},{"gitlabHandle":566,"linkedInProfileUrl":567},"bstevens1","https://www.linkedin.com/in/bob-stevens-1237564/","Public Sector Area Vice President, GitLab",{"altText":561,"config":570},{"src":571},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1752687939/mv3lhtimdzr8jmfqmbk1.jpg",{"componentName":502,"type":502},"bob-stevens","content:en-us:the-source:authors:bob-stevens.yml","en-us/the-source/authors/bob-stevens.yml","en-us/the-source/authors/bob-stevens",{"_path":578,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":579,"seo":580,"content":582,"type":503,"slug":594,"_id":595,"_type":49,"title":581,"_source":50,"_file":596,"_stem":597,"_extension":53},"/en-us/the-source/authors/brian-wald",{"layout":9},{"title":581},"Brian Wald",[583,593],{"componentName":491,"type":491,"componentContent":584},{"config":585,"name":581,"role":588,"bio":589,"headshot":590},{"gitlabHandle":586,"linkedInProfileUrl":587},"brianwald","https://www.linkedin.com/in/brianwald/","Head of Global Field CTO org","Brian Wald is Head of Global Field CTO org at GitLab. He leads a dynamic team of Field CTOs dedicated to transforming enterprise software development practices.",{"altText":581,"config":591},{"src":592},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463417/fugpbux9miqbdx3wewtu.jpg",{"componentName":502,"type":502},"brian-wald","content:en-us:the-source:authors:brian-wald.yml","en-us/the-source/authors/brian-wald.yml","en-us/the-source/authors/brian-wald",{"_path":599,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":600,"seo":601,"content":603,"type":503,"slug":616,"_id":617,"_type":49,"title":602,"_source":50,"_file":618,"_stem":619,"_extension":53},"/en-us/the-source/authors/bryan-ross",{"layout":9},{"title":602},"Bryan Ross",[604,615],{"componentName":491,"type":491,"componentContent":605},{"config":606,"name":602,"role":610,"bio":611,"headshot":612},{"gitlabHandle":607,"twitterXProfileUrl":608,"linkedInProfileUrl":609},"bryanrossuk","https://twitter.com/bryanrossuk","https://www.linkedin.com/in/bryanross","Field CTO","With over 15 years of industry experience as a senior IT leader, Bryan helps customers realize business value from IT faster. Equally comfortable speaking with executives and engineers alike, he bridges the gap between technical and business stakeholders through compelling storytelling and real-world examples. With a knack for delivering authentic, impactful messages, he enjoys helping others at the intersection of technology, people and process.",{"altText":602,"config":613},{"src":614},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463324/mvdyvskii4hltdrgqxom.jpg",{"componentName":502,"type":502},"bryan-ross","content:en-us:the-source:authors:bryan-ross.yml","en-us/the-source/authors/bryan-ross.yml","en-us/the-source/authors/bryan-ross",{"_path":621,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":622,"seo":623,"content":625,"type":503,"slug":632,"_id":633,"_type":49,"title":624,"_source":50,"_file":634,"_stem":635,"_extension":53},"/en-us/the-source/authors/chandler-gibbons",{"layout":9},{"title":624},"Chandler Gibbons",[626,631],{"componentName":491,"type":491,"componentContent":627},{"name":624,"headshot":628},{"altText":624,"config":629},{"src":630},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463362/o7g9fqtqtjvegfwniuxh.jpg",{"componentName":502,"type":502},"chandler-gibbons","content:en-us:the-source:authors:chandler-gibbons.yml","en-us/the-source/authors/chandler-gibbons.yml","en-us/the-source/authors/chandler-gibbons",{"_path":637,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":638,"seo":639,"content":641,"type":503,"slug":651,"_id":652,"_type":49,"title":640,"_source":50,"_file":653,"_stem":654,"_extension":53},"/en-us/the-source/authors/dave-steer",{"layout":9},{"title":640},"Dave Steer",[642,650],{"componentName":491,"type":491,"componentContent":643},{"config":644,"name":640,"role":646,"headshot":647},{"gitlabHandle":645},"dsteer","Vice President, Product Marketing",{"altText":640,"config":648},{"src":649},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463457/zbtapdkglu3yb9suaq7w.png",{"componentName":502,"type":502},"dave-steer","content:en-us:the-source:authors:dave-steer.yml","en-us/the-source/authors/dave-steer.yml","en-us/the-source/authors/dave-steer",{"_path":656,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":657,"seo":658,"content":660,"type":503,"slug":672,"_id":673,"_type":49,"title":674,"_source":50,"_file":675,"_stem":676,"_extension":53},"/en-us/the-source/authors/ddesanto",{"layout":9},{"title":659},"David DeSanto",[661,671],{"componentName":491,"type":491,"componentContent":662},{"config":663,"name":659,"role":666,"bio":667,"headshot":668},{"gitlabHandle":664,"linkedInProfileUrl":665},"david","https://www.linkedin.com/in/ddesanto/","Chief Product Officer","David DeSanto is the Chief Product Officer at GitLab Inc., where he leads GitLab’s product division to define and execute GitLab's product vision and roadmap. David is responsible for ensuring the company builds, ships, and supports the platform that reinforces GitLab's leadership in the DevSecOps platform market.",{"altText":659,"config":669},{"src":670},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463446/bgnljs84zcsxj0t6nvix.png",{"componentName":502,"type":502},"ddesanto","content:en-us:the-source:authors:ddesanto.yml","Ddesanto","en-us/the-source/authors/ddesanto.yml","en-us/the-source/authors/ddesanto",{"_path":678,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":679,"seo":680,"content":682,"type":503,"slug":690,"_id":691,"_type":49,"title":692,"_source":50,"_file":693,"_stem":694,"_extension":53},"/en-us/the-source/authors/derek-debellis",{"layout":9},{"title":681},"Derek DeBellis",[683,689],{"componentName":491,"type":491,"componentContent":684},{"name":681,"role":685,"headshot":686},"Lead Researcher, Google's DORA team ",{"altText":681,"config":687},{"src":688},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463385/sbnjwfaguszi5g2smzr7.png",{"componentName":502,"type":502},"derek-debellis","content:en-us:the-source:authors:derek-debellis.yml","Derek Debellis","en-us/the-source/authors/derek-debellis.yml","en-us/the-source/authors/derek-debellis",{"_path":696,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":697,"seo":698,"content":700,"type":503,"slug":712,"_id":713,"_type":49,"title":699,"_source":50,"_file":714,"_stem":715,"_extension":53},"/en-us/the-source/authors/emilio-salvador",{"layout":9},{"title":699},"Emilio Salvador",[701,711],{"componentName":491,"type":491,"componentContent":702},{"config":703,"name":699,"role":706,"bio":707,"headshot":708},{"gitlabHandle":704,"linkedInProfileUrl":705},"esalvadorp","https://www.linkedin.com/in/emiliosp/","Vice President, Strategy and Developer Relations","Emilio Salvador is vice president of strategy and developer relations at GitLab. A technology executive with more than 20 years of experience, Emilio has held roles at Amazon and Microsoft, and most recently led strategy and operations for the Developer Advocacy and Experience team at Google. He holds an MBA from MIT Sloan School of Management.",{"altText":699,"config":709},{"src":710},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463402/g0snp3uisjm4tj3pkqcw.jpg",{"componentName":502,"type":502},"emilio-salvador","content:en-us:the-source:authors:emilio-salvador.yml","en-us/the-source/authors/emilio-salvador.yml","en-us/the-source/authors/emilio-salvador",{"_path":717,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":718,"seo":719,"content":721,"type":503,"slug":728,"_id":729,"_type":49,"title":720,"_source":50,"_file":730,"_stem":731,"_extension":53},"/en-us/the-source/authors/erika-feldman",{"layout":9},{"title":720},"Erika Feldman",[722,727],{"componentName":491,"type":491,"componentContent":723},{"name":720,"headshot":724},{"altText":720,"config":725},{"src":726},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463354/d9quqvz7d2ayjwif7vdn.png",{"componentName":502,"type":502},"erika-feldman","content:en-us:the-source:authors:erika-feldman.yml","en-us/the-source/authors/erika-feldman.yml","en-us/the-source/authors/erika-feldman",{"_path":733,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":734,"seo":735,"content":737,"type":503,"slug":747,"_id":748,"_type":49,"title":736,"_source":50,"_file":749,"_stem":750,"_extension":53},"/en-us/the-source/authors/george-kichukov",{"layout":9},{"title":736},"George Kichukov",[738,746],{"componentName":491,"type":491,"componentContent":739},{"config":740,"name":736,"role":610,"bio":742,"headshot":743},{"gitlabHandle":741},"gkichukov","George Kichukov brings over two decades of expertise in software development, enterprise architecture, and technology leadership to his role as Financial Services Field CTO for GitLab. His career began in the startup ecosystem, where he spent five years developing name-matching technologies deployed across government, defense, and financial services. George transitioned into solution architecture, where he guided financial institutions in modernizing their application development practices. Prior to GitLab, George spent 12 years at a large financial services organization leading developer services, application security programs and DevOps infrastructure automation platforms. In his current role at GitLab, George partners with financial services organizations, helping them achieve their strategic objectives in DevOps, DevSecOps, Developer Experience, SDLC compliance, and using AI across software development.",{"altText":736,"config":744},{"src":745},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463366/dk2knfancgsxocjkmyoa.jpg",{"componentName":502,"type":502},"george-kichukov","content:en-us:the-source:authors:george-kichukov.yml","en-us/the-source/authors/george-kichukov.yml","en-us/the-source/authors/george-kichukov",{"_path":752,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":753,"seo":754,"content":756,"type":503,"slug":763,"_id":764,"_type":49,"title":765,"_source":50,"_file":766,"_stem":767,"_extension":53},"/en-us/the-source/authors/gitlab",{"layout":9},{"title":755},"GitLab",[757,762],{"componentName":491,"type":491,"componentContent":758},{"name":755,"headshot":759},{"altText":755,"config":760},{"src":761},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463461/ts7io0hgpdyqylbzfire.png",{"componentName":502,"type":502},"gitlab","content:en-us:the-source:authors:gitlab.yml","Gitlab","en-us/the-source/authors/gitlab.yml","en-us/the-source/authors/gitlab",{"_path":769,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":770,"seo":771,"content":773,"type":503,"slug":782,"_id":783,"_type":49,"title":772,"_source":50,"_file":784,"_stem":785,"_extension":53},"/en-us/the-source/authors/grant-hickman",{"layout":9},{"title":772},"Grant Hickman",[774,781],{"componentName":491,"type":491,"componentContent":775},{"config":776,"name":772,"headshot":778},{"gitlabHandle":777},"g.hickman",{"altText":772,"config":779},{"src":780},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463463/f3uqwtugqotyhwutz5gu.png",{"componentName":502,"type":502},"grant-hickman","content:en-us:the-source:authors:grant-hickman.yml","en-us/the-source/authors/grant-hickman.yml","en-us/the-source/authors/grant-hickman",{"_path":787,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":788,"seo":789,"content":791,"type":503,"slug":802,"_id":803,"_type":49,"title":790,"_source":50,"_file":804,"_stem":805,"_extension":53},"/en-us/the-source/authors/haim-snir",{"layout":9},{"title":790},"Haim Snir",[792,801],{"componentName":491,"type":491,"componentContent":793},{"config":794,"name":790,"role":797,"headshot":798},{"gitlabHandle":795,"linkedInProfileUrl":796},"hsnir1","https://www.linkedin.com/in/haimsnir/","Senior Product Manager, Dev & Analytics, GitLab",{"altText":790,"config":799},{"src":800},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463395/nubmshvaq8wpomopllni.png",{"componentName":502,"type":502},"haim-snir","content:en-us:the-source:authors:haim-snir.yml","en-us/the-source/authors/haim-snir.yml","en-us/the-source/authors/haim-snir",{"_path":807,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":808,"seo":809,"content":811,"type":503,"slug":815,"_id":820,"_type":49,"title":821,"_source":50,"_file":822,"_stem":823,"_extension":53},"/en-us/the-source/authors/iganbaruch",{"layout":9},{"title":810},"Itzik Gan Baruch",[812,819],{"componentName":491,"type":491,"componentContent":813},{"config":814,"name":810,"headshot":816},{"gitlabHandle":815},"iganbaruch",{"altText":810,"config":817},{"src":818},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463443/vibb2fkc0ojni2d1eqde.png",{"componentName":502,"type":502},"content:en-us:the-source:authors:iganbaruch.yml","Iganbaruch","en-us/the-source/authors/iganbaruch.yml","en-us/the-source/authors/iganbaruch",{"_path":825,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":826,"seo":827,"content":829,"type":503,"slug":838,"_id":839,"_type":49,"title":840,"_source":50,"_file":841,"_stem":842,"_extension":53},"/en-us/the-source/authors/jlongo",{"layout":9},{"title":828},"Joseph Longo",[830,837],{"componentName":491,"type":491,"componentContent":831},{"config":832,"name":828,"headshot":834},{"gitlabHandle":833},"jlongo_gitlab",{"altText":828,"config":835},{"src":836},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463434/uoxaknpmoposbbgzqji8.png",{"componentName":502,"type":502},"jlongo","content:en-us:the-source:authors:jlongo.yml","Jlongo","en-us/the-source/authors/jlongo.yml","en-us/the-source/authors/jlongo",{"_path":844,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":845,"seo":846,"content":848,"type":503,"slug":860,"_id":861,"_type":49,"title":847,"_source":50,"_file":862,"_stem":863,"_extension":53},"/en-us/the-source/authors/joel-krooswyk",{"layout":9},{"title":847},"Joel Krooswyk",[849,859],{"componentName":491,"type":491,"componentContent":850},{"config":851,"name":847,"role":854,"bio":855,"headshot":856},{"gitlabHandle":852,"linkedInProfileUrl":853},"jkrooswyk","https://www.linkedin.com/in/joelrkrooswyk/","Federal CTO","Joel Krooswyk is the Federal CTO at GitLab. Joel has actively been involved in GitLab’s growth since 2017. His 25 years of leadership experience span not only the U.S. Public Sector, but also small, mid-market, and enterprise businesses globally. Joel combines deep government policy expertise with a wealth of experience in technology, software development, AI, and cybersecurity. He is frequently called upon by industry and agencies alike for policy commentary and response.",{"altText":847,"config":857},{"src":858},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463423/mkmdhuxsjggfvokdmdv7.jpg",{"componentName":502,"type":502},"joel-krooswyk","content:en-us:the-source:authors:joel-krooswyk.yml","en-us/the-source/authors/joel-krooswyk.yml","en-us/the-source/authors/joel-krooswyk",{"_path":865,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":866,"seo":867,"content":869,"type":503,"slug":881,"_id":882,"_type":49,"title":868,"_source":50,"_file":883,"_stem":884,"_extension":53},"/en-us/the-source/authors/josh-lemos",{"layout":9},{"title":868},"Josh Lemos",[870,880],{"componentName":491,"type":491,"componentContent":871},{"config":872,"name":868,"role":875,"bio":876,"headshot":877},{"gitlabHandle":873,"linkedInProfileUrl":874},"joshlemos","https://www.linkedin.com/in/joshlemos/","Chief Information Security Officer","Josh Lemos is the Chief Information Security Officer at GitLab Inc., where he brings 20 years of experience leading information security teams to his role. He is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected, fortifying the Gitlab DevSecOps platform and ensuring the highest level of security for customers.",{"altText":868,"config":878},{"src":879},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463405/f4rqtiecakrekvxfhqar.jpg",{"componentName":502,"type":502},"josh-lemos","content:en-us:the-source:authors:josh-lemos.yml","en-us/the-source/authors/josh-lemos.yml","en-us/the-source/authors/josh-lemos",{"_path":886,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":887,"seo":888,"content":890,"type":503,"slug":897,"_id":898,"_type":49,"title":889,"_source":50,"_file":899,"_stem":900,"_extension":53},"/en-us/the-source/authors/julie-griffin",{"layout":9},{"title":889},"Julie Griffin",[891,896],{"componentName":491,"type":491,"componentContent":892},{"name":889,"headshot":893},{"altText":889,"config":894},{"src":895},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463371/hqkbr3uk8hw2de7tltn4.webp",{"componentName":502,"type":502},"julie-griffin","content:en-us:the-source:authors:julie-griffin.yml","en-us/the-source/authors/julie-griffin.yml","en-us/the-source/authors/julie-griffin",{"_path":902,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":903,"seo":904,"content":906,"type":503,"slug":913,"_id":914,"_type":49,"title":905,"_source":50,"_file":915,"_stem":916,"_extension":53},"/en-us/the-source/authors/kristina-weis",{"layout":9},{"title":905},"Kristina Weis",[907,912],{"componentName":491,"type":491,"componentContent":908},{"name":905,"headshot":909},{"altText":905,"config":910},{"src":911},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463469/eoolq6n6bs0zb8gmf0js.webp",{"componentName":502,"type":502},"kristina-weis","content:en-us:the-source:authors:kristina-weis.yml","en-us/the-source/authors/kristina-weis.yml","en-us/the-source/authors/kristina-weis",{"_path":918,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":919,"seo":920,"content":922,"type":503,"slug":933,"_id":934,"_type":49,"title":921,"_source":50,"_file":935,"_stem":936,"_extension":53},"/en-us/the-source/authors/lee-faus",{"layout":9},{"title":921},"Lee Faus",[923,932],{"componentName":491,"type":491,"componentContent":924},{"config":925,"name":921,"role":927,"bio":928,"headshot":929},{"gitlabHandle":926},"lfaus","Global Field CTO","Lee Faus is a Global Field CTO at GitLab. Lee has been a software architect, teacher, professor, and educator for over 25 years. He leverages his experience as an educator to bring complex technology concepts into a business forum where executives gain valuable advice to positively impact their business.",{"altText":921,"config":930},{"src":931},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463398/vivhlomglvnstamj54bo.jpg",{"componentName":502,"type":502},"lee-faus","content:en-us:the-source:authors:lee-faus.yml","en-us/the-source/authors/lee-faus.yml","en-us/the-source/authors/lee-faus",{"_path":938,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":939,"seo":940,"content":942,"type":503,"slug":946,"_id":951,"_type":49,"title":952,"_source":50,"_file":953,"_stem":954,"_extension":53},"/en-us/the-source/authors/ncregan",{"layout":9},{"title":941},"Niall Cregan",[943,950],{"componentName":491,"type":491,"componentContent":944},{"config":945,"name":941,"headshot":947},{"gitlabHandle":946},"ncregan",{"altText":941,"config":948},{"src":949},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463431/yrtwodocb4cu3j7lkhyo.png",{"componentName":502,"type":502},"content:en-us:the-source:authors:ncregan.yml","Ncregan","en-us/the-source/authors/ncregan.yml","en-us/the-source/authors/ncregan",{"_path":956,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":957,"seo":958,"content":960,"type":503,"slug":971,"_id":972,"_type":49,"title":973,"_source":50,"_file":974,"_stem":975,"_extension":53},"/en-us/the-source/authors/rschulman",{"layout":9},{"title":959},"Robin Schulman",[961,970],{"componentName":491,"type":491,"componentContent":962},{"config":963,"name":959,"role":965,"bio":966,"headshot":967},{"gitlabHandle":964},"robin","Chief Legal Officer","Robin Schulman is the Chief Legal Officer, Head of Corporate Affairs, and Corporate Secretary of GitLab Inc., the DevSecOps platform.",{"altText":959,"config":968},{"src":969},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463437/u2xfbudw1f8hhnkrgaoy.webp",{"componentName":502,"type":502},"rschulman","content:en-us:the-source:authors:rschulman.yml","Rschulman","en-us/the-source/authors/rschulman.yml","en-us/the-source/authors/rschulman",{"_path":977,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":978,"seo":979,"content":981,"type":503,"slug":990,"_id":991,"_type":49,"title":980,"_source":50,"_file":992,"_stem":993,"_extension":53},"/en-us/the-source/authors/sabrina-farmer",{"layout":9},{"title":980},"Sabrina Farmer",[982,989],{"componentName":491,"type":491,"componentContent":983},{"name":980,"role":984,"bio":985,"headshot":986},"Chief Technology Officer","Sabrina Farmer is the Chief Technology Officer at GitLab, where she leads software engineering, operations, and customer support teams to execute the company's technical vision and strategy and oversee the development and delivery of GitLab's products and services.\n\nPrior to GitLab, Sabrina spent nearly two decades at Google, where she most recently served as vice president of engineering, core infrastructure. During her tenure with Google, she was directly responsible for the reliability, performance, and efficiency of all of Google's billion-user products and infrastructure.\n\nA long-time advocate for women in technology, Farmer earned a B.S. in Computer Science at the University of New Orleans, where she established two scholarships to help level the playing field for inclusion and empowerment in technology.",{"altText":980,"config":987},{"src":988},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463377/udmzbjjr5xrcrffdlphx.webp",{"componentName":502,"type":502},"sabrina-farmer","content:en-us:the-source:authors:sabrina-farmer.yml","en-us/the-source/authors/sabrina-farmer.yml","en-us/the-source/authors/sabrina-farmer",{"_path":995,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":996,"seo":997,"content":999,"type":503,"slug":1009,"_id":1010,"_type":49,"title":998,"_source":50,"_file":1011,"_stem":1012,"_extension":53},"/en-us/the-source/authors/sandra-gittlen",{"layout":9},{"title":998},"Sandra Gittlen",[1000,1008],{"componentName":491,"type":491,"componentContent":1001},{"config":1002,"name":998,"role":1004,"headshot":1005},{"gitlabHandle":1003},"sgittlen","Managing Editor, Blog",{"altText":998,"config":1006},{"src":1007},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463466/r7ckb9h2zr4c2rsz3zlm.png",{"componentName":502,"type":502},"sandra-gittlen","content:en-us:the-source:authors:sandra-gittlen.yml","en-us/the-source/authors/sandra-gittlen.yml","en-us/the-source/authors/sandra-gittlen",{"_path":1014,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":1015,"seo":1016,"content":1018,"type":503,"slug":1025,"_id":1026,"_type":49,"title":1017,"_source":50,"_file":1027,"_stem":1028,"_extension":53},"/en-us/the-source/authors/sharon-gaudin",{"layout":9},{"title":1017},"Sharon Gaudin",[1019,1024],{"componentName":491,"type":491,"componentContent":1020},{"name":1017,"headshot":1021},{"altText":1017,"config":1022},{"src":1023},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463475/h6j4nnvykzyfzgvl7txb.webp",{"componentName":502,"type":502},"sharon-gaudin","content:en-us:the-source:authors:sharon-gaudin.yml","en-us/the-source/authors/sharon-gaudin.yml","en-us/the-source/authors/sharon-gaudin",{"_path":1030,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":1031,"seo":1032,"content":1034,"type":503,"slug":1046,"_id":1047,"_type":49,"title":1033,"_source":50,"_file":1048,"_stem":1049,"_extension":53},"/en-us/the-source/authors/stephen-walters",{"layout":9},{"title":1033},"Stephen Walters",[1035,1045],{"componentName":491,"type":491,"componentContent":1036},{"config":1037,"name":1033,"role":1040,"bio":1041,"headshot":1042},{"gitlabHandle":1038,"linkedInProfileUrl":1039},"swalters1","https://www.linkedin.com/in/1stephenwalters/","Field CTO, GitLab","Stephen Walters is Field CTO for GitLab. Stephen has been in the IT industry for over 30 years. He is an extensively experienced subject matter expert in Value Stream Management, DevSecOps, DevOps, ALM, SDLC and IT4IT, with management and consultancy experience across end-to-end IT disciplines. Currently also operating as an Ambassador for the DevOps Institute and an Influencer in the Value Stream Management Consortium, he is interested in all things DevOps. Stephen is a co-author of the Value Stream Reference Architectures white paper and is currently pursuing further research into Value Stream Management, Organizational Architecture and AI.",{"altText":1033,"config":1043},{"src":1044},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463392/g6ktk5qb4vcqc9wqjlf9.jpg",{"componentName":502,"type":502},"stephen-walters","content:en-us:the-source:authors:stephen-walters.yml","en-us/the-source/authors/stephen-walters.yml","en-us/the-source/authors/stephen-walters",{"_path":1051,"_dir":485,"_draft":6,"_partial":6,"_locale":7,"config":1052,"seo":1053,"content":1055,"type":503,"slug":1067,"_id":1068,"_type":49,"title":1069,"_source":50,"_file":1070,"_stem":1071,"_extension":53},"/en-us/the-source/authors/taylor-mccaslin",{"layout":9},{"title":1054},"Taylor McCaslin",[1056,1066],{"componentName":491,"type":491,"componentContent":1057},{"config":1058,"name":1054,"role":1061,"bio":1062,"headshot":1063},{"gitlabHandle":1059,"linkedInProfileUrl":1060},"tmccaslin","https://www.linkedin.com/in/taylormccaslin/","Group Manager, Product - Data Science","Taylor McCaslin is the Product Lead for AI/ML at GitLab, where he is responsible for leading the team of product managers who manage the AI Powered and ModelOps stage groups and sets the vision and direction for how to empower GitLab users to leverage data science as part of their DevOps program. Prior to joining GitLab, he held positions at Indeed, Duo Security, and WP Engine.",{"altText":1054,"config":1064},{"src":1065},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463427/trfasilaeasosxfcxmsm.jpg",{"componentName":502,"type":502},"taylor-mccaslin","content:en-us:the-source:authors:taylor-mccaslin.yml","Taylor Mccaslin","en-us/the-source/authors/taylor-mccaslin.yml","en-us/the-source/authors/taylor-mccaslin",1753207414438]