[{"data":1,"prerenderedAt":1069},["ShallowReactive",2],{"/en-us/the-source/security/how-gitlab-can-help-you-prepare-for-your-soc-2-exam/":3,"footer-en-us":49,"the-source-navigation-en-us":357,"the-source-newsletter-en-us":384,"how-gitlab-can-help-you-prepare-for-your-soc-2-exam-article-hero-category-en-us":396,"how-gitlab-can-help-you-prepare-for-your-soc-2-exam-the-source-gated-asset-en-us":420,"how-gitlab-can-help-you-prepare-for-your-soc-2-exam-category-en-us":436,"how-gitlab-can-help-you-prepare-for-your-soc-2-exam-the-source-resources-en-us":448,"how-gitlab-can-help-you-prepare-for-your-soc-2-exam-article-hero-author-en-us":479},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"config":8,"seo":13,"content":17,"type":41,"slug":42,"category":5,"_id":43,"_type":44,"title":7,"_source":45,"_file":46,"_stem":47,"_extension":48},"/en-us/the-source/security/how-gitlab-can-help-you-prepare-for-your-soc-2-exam","security",false,"",{"layout":9,"template":10,"articleType":11,"author":12,"featured":6},"the-source","TheSourceArticle","Regular","gitlab",{"title":14,"description":15,"ogImage":16},"How GitLab can help you prepare for your SOC 2 exam","Learn about features in the DevSecOps platform geared toward a SOC2 framework exam.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463759/yk7f6poowtw5y5d5oflv.png",{"title":14,"date":18,"description":15,"timeToRead":19,"heroImage":16,"keyTakeaways":20,"articleBody":24,"faq":25},"2024-07-18","5 min read",[21,22,23],"Automated testing and code coverage reports enhance SOC 2 Availability and Processing Integrity.","GitLab's security scans and role-based controls ensure compliance with the SOC 2 framework, protecting data from vulnerabilities and unauthorized access.","GitLab's templates for browser and load performance testing simplify SOC 2 exams by validating application performance and security at every development stage.","GitLab customers have found that using GitLab as their platform for DevSecOps has simplified the SOC 2 exam process.  This blog reviews the SOC 2 framework and GitLab features that help customers with their SOC 2 exam.\n\n## Introduction to SOC 2\nSystem and Organization Controls 2, or [SOC 2](https://us.aicpa.org/interestareas/frc/assuranceadvisoryservices/serviceorganization-smanagement), is a voluntary compliance standard that specifies how organizations should manage customer data. The SOC 2 exam report allows companies to provide attestation to the trustworthiness of software it offers to business customers.\n\nDeveloped by the Association of International Certified Professional Accountants (AICPA), SOC 2 focuses on five Trust Services Criteria (TSC):\n- Security - protecting customer data from vulnerabilities and unauthorized access\n- Availability - ensuring systems are fault-tolerant and performant under high loads in order to meet availability service-level agreements\n- Processing Integrity - systems function as designed without vulnerabilities, errors, or bugs\n- Confidentiality - protecting confidential information such as application source code, usernames and passwords, credit card information, etc., so that only people who need access in order to do their jobs have access to it\n- Privacy - safeguarding sensitive personally identifiable information (PII) against unauthorized users\n\nSecurity is the only required criterion for every SOC 2 exam. The other criteria can be added to the exam in cases where they are deemed critical to the services being provided.\n\n## Security TSC\nThe security criterion pertains to not only the security of servers and physical systems, but also applications. Software vulnerabilities potentially open up an application to attackers, putting customers' data at risk, but this is an area where GitLab can help.\n\nGitLab provides security scans to identify potential vulnerabilities in the applications a company builds, including the following:\n- [Static Application Security Scanning (SAST)](https://docs.gitlab.com/ee/user/application_security/sast/), which scans source code for potential bugs and vulnerabilities such as unsafe code that can lead to unintended code execution\n- [Dependency Scanning](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/), which finds security vulnerabilities in the software dependencies of an application\n- [Container Scanning](https://docs.gitlab.com/ee/user/application_security/container_scanning/), which finds security vulnerabilities in the operating system dependencies of a containerized application\n- [Dynamic Application Security Scanning (DAST)](https://docs.gitlab.com/ee/user/application_security/dast/), which finds security vulnerabilities in a running web application that make it susceptible to an attack\n- [Infrastructure as Code (IaC) Scanning](https://docs.gitlab.com/ee/user/application_security/iac_scanning/), which scans infrastructure as code configuration files, including Terraform, Ansible, AWS CloudFormation, and Kubernetes, to find security vulnerabilities\n\nGitLab also provides a [vulnerability report](https://docs.gitlab.com/ee/user/application_security/vulnerability_report/), which shows all known vulnerabilities, based on the scans above, in the current application. GitLab also provides a software bill of materials ([SBOM](https://docs.gitlab.com/ee/user/application_security/dependency_list/)) in standard CycloneDX JSON format, that shows all software-level and operating system-level dependencies and known vulnerabilities for them.\n\nHaving regular vulnerability scans and robust vulnerability reporting helps satisfy three Security criteria:\n- CC7.1 – To meet its objectives, the entity uses detection and monitoring procedures to identify (1) changes to configurations that result in the introduction of new vulnerabilities, and (2) susceptibilities to newly discovered vulnerabilities.\n- CC4.1 – COSO Principle 16: The entity selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning.\n- CC4.2 – COSO Principle 17: The entity evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.\n\nA crucial piece of security scans is governance and enforcement. GitLab provides features to ensure that scans are happening regularly and that software development teams are not able to circumvent them. These features include:\n- [Role-based access controls](https://docs.gitlab.com/ee/user/permissions.html) to limit who can make changes to project-level configuration settings\n- [Scan execution policies](https://docs.gitlab.com/ee/user/application_security/policies/scan-execution-policies.html) to enforce that scans run on each code repository\n- [Merge request approval policies](https://docs.gitlab.com/ee/user/application_security/policies/merge_request_approval_policies.html) to ensure that scan results are reviewed and approved by the appropriate security stakeholders so that newly found vulnerabilities are not being introduced into deployed software\n- [Compliance reports](https://docs.gitlab.com/ee/user/application_security/) to show any changes to GitLab configurations that may violate security processes put in place\n\nWith these configurations in place, organizations can prove that software security is a top priority for their applications and security practices are being enforced.\n\n## Availability and Processing Integrity TSCs\nGitLab can also help with Availability and Processing Integrity TSCs. These criteria focus on the quality and performance of the application itself. To support these criteria, GitLab provides:\n- Unit test results and code coverage changes in the form of [code coverage reports](https://docs.gitlab.com/ee/ci/testing/code_coverage.html), which ensure that source code is being validated by a test suite\n- [Code quality](https://docs.gitlab.com/ee/ci/testing/code_quality.html), which analyzes the source code quality and complexity for ease of readability and maintainability\n\nWhile the above software development practices are used early in the software development lifecycle to ensure high-quality, tested code, GitLab additionally provides templates for various types of automated tests for a running application to ensure it is working as expected. These tests include:\n- [Browser performance testing](https://docs.gitlab.com/ee/ci/testing/browser_performance_testing.html), which measures the load time for web sites during the development lifecycle to test the impact of any ocde changes on browser performance\n- [Load performance testing](https://docs.gitlab.com/ee/ci/testing/load_performance_testing.html), which measures the system performance of an application's backend during the development lifecycle to test the impact of any code changes on performance\n- [Coverage-guided fuzz testing](https://docs.gitlab.com/ee/user/application_security/coverage_fuzzing/), which sends unexpected, malformed, or random data to an application and then monitors it for unstable behaviors and crashes\n- [Web API fuzz testing](https://docs.gitlab.com/ee/user/application_security/api_fuzzing/), which sends unxpected, malformed, or random data to API endpoints to look for bugs and security issues\n\nBy focusing on strong DevSecOps practices with GitLab to build high-quality, secure applications, organizations are able to more easily pass a SOC 2 exam to attest to the security of customer data.\n\n> **Learn more: [Strengthen your cybersecurity posture](https://about.gitlab.com/the-source/security/strengthen-your-cybersecurity-strategy-with-secure-by-design/) with Secure by Design principles.**",[26,29,32,35,38],{"header":27,"content":28},"How does GitLab help organizations achieve SOC 2 compliance?","GitLab supports SOC 2 compliance by providing advanced security scans (SAST, DAST, dependency scanning, and IaC scanning), vulnerability reporting, and role-based access controls. These features help organizations detect and mitigate security risks while maintaining robust internal controls and audit trails to demonstrate compliance.",{"header":30,"content":31},"How do GitLab's compliance features enhance governance and enforcement for SOC 2?","- Role-based access controls to limit configuration changes\n- Scan execution policies to mandate regular security scans\n- Merge request approval policies to review and approve vulnerabilities\n- Compliance reports to track configuration changes and ensure adherence to security policies",{"header":33,"content":34},"Which Trust Services Criteria (TSC) are covered by GitLab's security features?","GitLab helps organizations meet the Security, Availability, and Processing Integrity TSCs by providing:\n - Security scans to detect vulnerabilities\n - Role-based access controls and compliance reports to enforce security policies\n - Performance and code quality tests to ensure application integrity and availability",{"header":36,"content":37},"What are the benefits of using GitLab for SOC 2 exam preparation?","Using GitLab for SOC 2 exam preparation streamlines compliance by integrating security scans, vulnerability management, and compliance reporting within a single platform. This holistic approach reduces manual effort, ensures consistent security practices, and enhances the organization's ability to pass the SOC 2 exam with confidence.",{"header":39,"content":40},"What is SOC 2 compliance and why is it important for software companies?","SOC 2 is a voluntary compliance standard that specifies how organizations should manage customer data, focusing on security, availability, processing integrity, confidentiality, and privacy. It demonstrates trustworthiness and data protection to business customers, enhancing credibility and ensuring compliance with industry standards.","article","how-gitlab-can-help-you-prepare-for-your-soc-2-exam","content:en-us:the-source:security:how-gitlab-can-help-you-prepare-for-your-soc-2-exam:index.yml","yaml","content","en-us/the-source/security/how-gitlab-can-help-you-prepare-for-your-soc-2-exam/index.yml","en-us/the-source/security/how-gitlab-can-help-you-prepare-for-your-soc-2-exam/index","yml",{"_path":50,"_dir":51,"_draft":6,"_partial":6,"_locale":7,"data":52,"_id":353,"_type":44,"title":354,"_source":45,"_file":355,"_stem":356,"_extension":48},"/shared/en-us/main-footer","en-us",{"text":53,"source":54,"edit":60,"contribute":65,"config":70,"items":75,"minimal":345},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":55,"config":56},"View page source",{"href":57,"dataGaName":58,"dataGaLocation":59},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":61,"config":62},"Edit this page",{"href":63,"dataGaName":64,"dataGaLocation":59},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":66,"config":67},"Please contribute",{"href":68,"dataGaName":69,"dataGaLocation":59},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":71,"facebook":72,"youtube":73,"linkedin":74},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[76,103,176,244,306],{"title":77,"links":78,"subMenu":84},"Platform",[79],{"text":80,"config":81},"DevSecOps platform",{"href":82,"dataGaName":83,"dataGaLocation":59},"/platform/","devsecops platform",[85],{"title":86,"links":87},"Pricing",[88,93,98],{"text":89,"config":90},"View plans",{"href":91,"dataGaName":92,"dataGaLocation":59},"/pricing/","view plans",{"text":94,"config":95},"Why Premium?",{"href":96,"dataGaName":97,"dataGaLocation":59},"/pricing/premium/","why premium",{"text":99,"config":100},"Why Ultimate?",{"href":101,"dataGaName":102,"dataGaLocation":59},"/pricing/ultimate/","why ultimate",{"title":104,"links":105},"Solutions",[106,111,116,121,126,131,136,141,146,151,156,161,166,171],{"text":107,"config":108},"Digital transformation",{"href":109,"dataGaName":110,"dataGaLocation":59},"/topics/digital-transformation/","digital transformation",{"text":112,"config":113},"Security & Compliance",{"href":114,"dataGaName":115,"dataGaLocation":59},"/solutions/security-compliance/","security & compliance",{"text":117,"config":118},"Automated software delivery",{"href":119,"dataGaName":120,"dataGaLocation":59},"/solutions/delivery-automation/","automated software delivery",{"text":122,"config":123},"Agile development",{"href":124,"dataGaName":125,"dataGaLocation":59},"/solutions/agile-delivery/","agile delivery",{"text":127,"config":128},"Cloud transformation",{"href":129,"dataGaName":130,"dataGaLocation":59},"/topics/cloud-native/","cloud transformation",{"text":132,"config":133},"SCM",{"href":134,"dataGaName":135,"dataGaLocation":59},"/solutions/source-code-management/","source code management",{"text":137,"config":138},"CI/CD",{"href":139,"dataGaName":140,"dataGaLocation":59},"/solutions/continuous-integration/","continuous integration & delivery",{"text":142,"config":143},"Value stream management",{"href":144,"dataGaName":145,"dataGaLocation":59},"/solutions/value-stream-management/","value stream management",{"text":147,"config":148},"GitOps",{"href":149,"dataGaName":150,"dataGaLocation":59},"/solutions/gitops/","gitops",{"text":152,"config":153},"Enterprise",{"href":154,"dataGaName":155,"dataGaLocation":59},"/enterprise/","enterprise",{"text":157,"config":158},"Small business",{"href":159,"dataGaName":160,"dataGaLocation":59},"/small-business/","small business",{"text":162,"config":163},"Public sector",{"href":164,"dataGaName":165,"dataGaLocation":59},"/solutions/public-sector/","public sector",{"text":167,"config":168},"Education",{"href":169,"dataGaName":170,"dataGaLocation":59},"/solutions/education/","education",{"text":172,"config":173},"Financial services",{"href":174,"dataGaName":175,"dataGaLocation":59},"/solutions/finance/","financial services",{"title":177,"links":178},"Resources",[179,184,189,194,199,204,209,214,219,224,229,234,239],{"text":180,"config":181},"Install",{"href":182,"dataGaName":183,"dataGaLocation":59},"/install/","install",{"text":185,"config":186},"Quick start guides",{"href":187,"dataGaName":188,"dataGaLocation":59},"/get-started/","quick setup checklists",{"text":190,"config":191},"Learn",{"href":192,"dataGaName":193,"dataGaLocation":59},"https://university.gitlab.com/","learn",{"text":195,"config":196},"Product documentation",{"href":197,"dataGaName":198,"dataGaLocation":59},"https://docs.gitlab.com/","docs",{"text":200,"config":201},"Blog",{"href":202,"dataGaName":203,"dataGaLocation":59},"/blog/","blog",{"text":205,"config":206},"Customer success stories",{"href":207,"dataGaName":208,"dataGaLocation":59},"/customers/","customer success stories",{"text":210,"config":211},"Remote",{"href":212,"dataGaName":213,"dataGaLocation":59},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":215,"config":216},"GitLab Services",{"href":217,"dataGaName":218,"dataGaLocation":59},"/services/","services",{"text":220,"config":221},"TeamOps",{"href":222,"dataGaName":223,"dataGaLocation":59},"/teamops/","teamops",{"text":225,"config":226},"Community",{"href":227,"dataGaName":228,"dataGaLocation":59},"/community/","community",{"text":230,"config":231},"Forum",{"href":232,"dataGaName":233,"dataGaLocation":59},"https://forum.gitlab.com/","forum",{"text":235,"config":236},"Events",{"href":237,"dataGaName":238,"dataGaLocation":59},"/events/","events",{"text":240,"config":241},"Partners",{"href":242,"dataGaName":243,"dataGaLocation":59},"/partners/","partners",{"title":245,"links":246},"Company",[247,252,257,262,267,272,277,281,286,291,296,301],{"text":248,"config":249},"About",{"href":250,"dataGaName":251,"dataGaLocation":59},"/company/","company",{"text":253,"config":254},"Jobs",{"href":255,"dataGaName":256,"dataGaLocation":59},"/jobs/","jobs",{"text":258,"config":259},"Leadership",{"href":260,"dataGaName":261,"dataGaLocation":59},"/company/team/e-group/","leadership",{"text":263,"config":264},"Team",{"href":265,"dataGaName":266,"dataGaLocation":59},"/company/team/","team",{"text":268,"config":269},"Handbook",{"href":270,"dataGaName":271,"dataGaLocation":59},"https://handbook.gitlab.com/","handbook",{"text":273,"config":274},"Investor relations",{"href":275,"dataGaName":276,"dataGaLocation":59},"https://ir.gitlab.com/","investor relations",{"text":278,"config":279},"Sustainability",{"href":280,"dataGaName":278,"dataGaLocation":59},"/sustainability/",{"text":282,"config":283},"Diversity, inclusion and belonging (DIB)",{"href":284,"dataGaName":285,"dataGaLocation":59},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":287,"config":288},"Trust Center",{"href":289,"dataGaName":290,"dataGaLocation":59},"/security/","trust center",{"text":292,"config":293},"Newsletter",{"href":294,"dataGaName":295,"dataGaLocation":59},"/company/contact/","newsletter",{"text":297,"config":298},"Press",{"href":299,"dataGaName":300,"dataGaLocation":59},"/press/","press",{"text":302,"config":303},"Modern Slavery Transparency Statement",{"href":304,"dataGaName":305,"dataGaLocation":59},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"title":307,"links":308},"Contact Us",[309,314,319,324,329,334,339],{"text":310,"config":311},"Contact an expert",{"href":312,"dataGaName":313,"dataGaLocation":59},"/sales/","sales",{"text":315,"config":316},"Get help",{"href":317,"dataGaName":318,"dataGaLocation":59},"/support/","get help",{"text":320,"config":321},"Customer portal",{"href":322,"dataGaName":323,"dataGaLocation":59},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"text":325,"config":326},"Status",{"href":327,"dataGaName":328,"dataGaLocation":59},"https://status.gitlab.com/","status",{"text":330,"config":331},"Terms of use",{"href":332,"dataGaName":333,"dataGaLocation":59},"/terms/","terms of use",{"text":335,"config":336},"Privacy statement",{"href":337,"dataGaName":338,"dataGaLocation":59},"/privacy/","privacy statement",{"text":340,"config":341},"Cookie preferences",{"dataGaName":342,"dataGaLocation":59,"id":343,"isOneTrustButton":344},"cookie preferences","ot-sdk-btn",true,{"items":346},[347,349,351],{"text":330,"config":348},{"href":332,"dataGaName":333,"dataGaLocation":59},{"text":335,"config":350},{"href":337,"dataGaName":338,"dataGaLocation":59},{"text":340,"config":352},{"dataGaName":342,"dataGaLocation":59,"id":343,"isOneTrustButton":344},"content:shared:en-us:main-footer.yml","Main Footer","shared/en-us/main-footer.yml","shared/en-us/main-footer",{"_path":358,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"logo":359,"subscribeLink":364,"navItems":368,"_id":380,"_type":44,"title":381,"_source":45,"_file":382,"_stem":383,"_extension":48},"/shared/en-us/the-source/navigation",{"altText":360,"config":361},"the source logo",{"src":362,"href":363},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750191004/t7wz1klfb2kxkezksv9t.svg","/the-source/",{"text":365,"config":366},"Subscribe",{"href":367},"#subscribe",[369,373,376],{"text":370,"config":371},"Artificial Intelligence",{"href":372},"/the-source/ai/",{"text":112,"config":374},{"href":375},"/the-source/security/",{"text":377,"config":378},"Platform & Infrastructure",{"href":379},"/the-source/platform/","content:shared:en-us:the-source:navigation.yml","Navigation","shared/en-us/the-source/navigation.yml","shared/en-us/the-source/navigation",{"_path":385,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"title":386,"description":387,"submitMessage":388,"formData":389,"_id":393,"_type":44,"_source":45,"_file":394,"_stem":395,"_extension":48},"/shared/en-us/the-source/newsletter","The Source Newsletter","Stay updated with insights for the future of software development.","You have successfully signed up for The Source’s newsletter.",{"config":390},{"formId":391,"formName":392,"hideRequiredLabel":344},1077,"thesourcenewsletter","content:shared:en-us:the-source:newsletter.yml","shared/en-us/the-source/newsletter.yml","shared/en-us/the-source/newsletter",{"_path":397,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"type":398,"config":399,"seo":400,"content":403,"slug":5,"_id":417,"_type":44,"title":7,"_source":45,"_file":418,"_stem":419,"_extension":48},"/en-us/the-source/security","category",{"layout":9},{"title":112,"description":401,"ogImage":402},"Get up to speed on how organizations can ensure they're staying on top of evolving security threats and compliance requirements.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463273/aplkxrvwpii26xao5yhi.png",[404,409],{"componentName":405,"type":405,"componentContent":406},"TheSourceCategoryHero",{"title":112,"description":401,"image":407},{"config":408},{"src":402},{"componentName":410,"type":410,"componentContent":411},"TheSourceCategoryMainSection",{"config":412},{"gatedAssets":413},[414,415,416],"source-lp-guide-to-dynamic-sboms","source-lp-devsecops-the-key-to-modern-security-resilience","application-security-in-the-digital-age","content:en-us:the-source:security:index.yml","en-us/the-source/security/index.yml","en-us/the-source/security/index",{"_path":421,"_dir":422,"_draft":6,"_partial":6,"_locale":7,"config":423,"title":425,"description":426,"link":427,"_id":433,"_type":44,"_source":45,"_file":434,"_stem":435,"_extension":48},"/shared/en-us/the-source/gated-assets/application-security-in-the-digital-age","gated-assets",{"id":416,"formId":424},1002,"Application security in the digital age","Read our survey findings from more than 5,000 DevSecOps professionals worldwide for insights on how organizations are grappling with increasing attack surfaces and changing attitudes towards security and AI.",{"text":428,"config":429},"Read the report",{"href":430,"dataGaName":431,"dataGaLocation":432},"https://about.gitlab.com/developer-survey/2024/security-compliance","Application Security in the Digital Age","thesource","content:shared:en-us:the-source:gated-assets:application-security-in-the-digital-age.yml","shared/en-us/the-source/gated-assets/application-security-in-the-digital-age.yml","shared/en-us/the-source/gated-assets/application-security-in-the-digital-age",{"_path":397,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"type":398,"config":437,"seo":438,"content":439,"slug":5,"_id":417,"_type":44,"title":7,"_source":45,"_file":418,"_stem":419,"_extension":48},{"layout":9},{"title":112,"description":401,"ogImage":402},[440,444],{"componentName":405,"type":405,"componentContent":441},{"title":112,"description":401,"image":442},{"config":443},{"src":402},{"componentName":410,"type":410,"componentContent":445},{"config":446},{"gatedAssets":447},[414,415,416],[449,453,466],{"_path":421,"_dir":422,"_draft":6,"_partial":6,"_locale":7,"config":450,"title":425,"description":426,"link":451,"_id":433,"_type":44,"_source":45,"_file":434,"_stem":435,"_extension":48},{"id":416,"formId":424},{"text":428,"config":452},{"href":430,"dataGaName":431,"dataGaLocation":432},{"_path":454,"_dir":422,"_draft":6,"_partial":6,"_locale":7,"config":455,"title":456,"description":457,"link":458,"_id":463,"_type":44,"_source":45,"_file":464,"_stem":465,"_extension":48},"/shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience",{"id":415},"DevSecOps: The key to modern security resilience","Learn how embedding security in development can slash incident response time by 720x and save millions in security costs annually.",{"text":459,"config":460},"Download the guide",{"href":461,"dataGaName":462,"dataGaLocation":432},"https://about.gitlab.com/the-source/security/devsecops-the-key-to-modern-security-resilience/","DevSecOps the key to modern security resilience","content:shared:en-us:the-source:gated-assets:source-lp-devsecops-the-key-to-modern-security-resilience.yml","shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience.yml","shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience",{"_path":467,"_dir":422,"_draft":6,"_partial":6,"_locale":7,"config":468,"title":469,"description":470,"link":471,"_id":476,"_type":44,"_source":45,"_file":477,"_stem":478,"_extension":48},"/shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms",{"id":414},"Guide to dynamic SBOMs: An integral element of modern software development","Learn how to gain visibility into previously unidentified organizational risks with a software bill of materials (SBOM).",{"text":472,"config":473},"Read the guide",{"href":474,"dataGaName":475,"dataGaLocation":432},"https://about.gitlab.com/the-source/security/guide-to-dynamic-sboms/","Guide to Dynamic SBOMs","content:shared:en-us:the-source:gated-assets:source-lp-guide-to-dynamic-sboms.yml","shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms.yml","shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms",[480,505,521,539,555,575,596,618,634,653,675,693,714,730,749,765,783,803,821,840,861,882,898,914,934,952,973,991,1010,1026,1047],{"_path":481,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":483,"seo":484,"content":486,"type":500,"slug":501,"_id":502,"_type":44,"title":485,"_source":45,"_file":503,"_stem":504,"_extension":48},"/en-us/the-source/authors/amanda-rueda","authors",{"layout":9},{"title":485},"Amanda Rueda",[487,498],{"type":488,"componentName":488,"componentContent":489},"TheSourceAuthorHero",{"config":490,"name":485,"role":493,"bio":494,"headshot":495},{"gitlabHandle":491,"linkedInProfileUrl":492},"amandarueda","https://www.linkedin.com/in/amandamrueda/","Senior Product Manager","Amanda Rueda is a Senior Product Manager at GitLab, specializing in strategic product vision, agile planning, and leveraging AI to enhance workflows and user experiences. Amanda is a thought leader in agile planning and product management workflows, and enjoys building GitLab features that drive team collaboration, transparent project management, and high-performing teams.",{"altText":485,"config":496},{"src":497},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463383/osecw1pzbxvb7fhqhiky.png",{"componentName":499,"type":499},"TheSourceArticlesList","author","amanda-rueda","content:en-us:the-source:authors:amanda-rueda.yml","en-us/the-source/authors/amanda-rueda.yml","en-us/the-source/authors/amanda-rueda",{"_path":506,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":507,"seo":508,"content":510,"type":500,"slug":517,"_id":518,"_type":44,"title":509,"_source":45,"_file":519,"_stem":520,"_extension":48},"/en-us/the-source/authors/andre-michael-braun",{"layout":9},{"title":509},"Andre Michael Braun",[511,516],{"type":488,"componentName":488,"componentContent":512},{"name":509,"headshot":513},{"altText":509,"config":514},{"src":515},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463336/yl27k7wdlnkzsizwknn1.jpg",{"componentName":499,"type":499},"andre-michael-braun","content:en-us:the-source:authors:andre-michael-braun.yml","en-us/the-source/authors/andre-michael-braun.yml","en-us/the-source/authors/andre-michael-braun",{"_path":522,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":523,"seo":524,"content":526,"type":500,"slug":535,"_id":536,"_type":44,"title":525,"_source":45,"_file":537,"_stem":538,"_extension":48},"/en-us/the-source/authors/andrew-haschka",{"layout":9},{"title":525},"Andrew Haschka",[527,534],{"type":488,"componentName":488,"componentContent":528},{"name":525,"role":529,"bio":530,"headshot":531},"Field CTO, Asia Pacific & Japan","Andrew Haschka is the CTO for Asia Pacific & Japan at GitLab, acting as the trusted advisor to GitLab partners and customers. Andrew takes a consultative approach to address common and unique business requirements. He provides subject matter expertise and industry experience throughout the customer’s modernisation journey, working with product management and engineering teams to evolve product features to meet market demand.",{"altText":525,"config":532},{"src":533},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463349/z1qnc4uxmqgg3hnm3da4.png",{"componentName":499,"type":499},"andrew-haschka","content:en-us:the-source:authors:andrew-haschka.yml","en-us/the-source/authors/andrew-haschka.yml","en-us/the-source/authors/andrew-haschka",{"_path":540,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":541,"seo":542,"content":544,"type":500,"slug":551,"_id":552,"_type":44,"title":543,"_source":45,"_file":553,"_stem":554,"_extension":48},"/en-us/the-source/authors/ayoub-fandi",{"layout":9},{"title":543},"Ayoub Fandi",[545,550],{"componentName":488,"type":488,"componentContent":546},{"name":543,"headshot":547},{"altText":543,"config":548},{"src":549},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463329/wyp554loeyoibx3ozren.jpg",{"componentName":499,"type":499},"ayoub-fandi","content:en-us:the-source:authors:ayoub-fandi.yml","en-us/the-source/authors/ayoub-fandi.yml","en-us/the-source/authors/ayoub-fandi",{"_path":556,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":557,"seo":558,"content":560,"type":500,"slug":571,"_id":572,"_type":44,"title":559,"_source":45,"_file":573,"_stem":574,"_extension":48},"/en-us/the-source/authors/bob-stevens",{"layout":9},{"title":559},"Bob Stevens",[561,570],{"componentName":488,"type":488,"componentContent":562},{"config":563,"name":559,"role":566,"headshot":567},{"gitlabHandle":564,"linkedInProfileUrl":565},"bstevens1","https://www.linkedin.com/in/bob-stevens-1237564/","Public Sector Area Vice President, GitLab",{"altText":559,"config":568},{"src":569},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1752687939/mv3lhtimdzr8jmfqmbk1.jpg",{"componentName":499,"type":499},"bob-stevens","content:en-us:the-source:authors:bob-stevens.yml","en-us/the-source/authors/bob-stevens.yml","en-us/the-source/authors/bob-stevens",{"_path":576,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":577,"seo":578,"content":580,"type":500,"slug":592,"_id":593,"_type":44,"title":579,"_source":45,"_file":594,"_stem":595,"_extension":48},"/en-us/the-source/authors/brian-wald",{"layout":9},{"title":579},"Brian Wald",[581,591],{"componentName":488,"type":488,"componentContent":582},{"config":583,"name":579,"role":586,"bio":587,"headshot":588},{"gitlabHandle":584,"linkedInProfileUrl":585},"brianwald","https://www.linkedin.com/in/brianwald/","Head of Global Field CTO org","Brian Wald is Head of Global Field CTO org at GitLab. He leads a dynamic team of Field CTOs dedicated to transforming enterprise software development practices.",{"altText":579,"config":589},{"src":590},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463417/fugpbux9miqbdx3wewtu.jpg",{"componentName":499,"type":499},"brian-wald","content:en-us:the-source:authors:brian-wald.yml","en-us/the-source/authors/brian-wald.yml","en-us/the-source/authors/brian-wald",{"_path":597,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":598,"seo":599,"content":601,"type":500,"slug":614,"_id":615,"_type":44,"title":600,"_source":45,"_file":616,"_stem":617,"_extension":48},"/en-us/the-source/authors/bryan-ross",{"layout":9},{"title":600},"Bryan Ross",[602,613],{"componentName":488,"type":488,"componentContent":603},{"config":604,"name":600,"role":608,"bio":609,"headshot":610},{"gitlabHandle":605,"twitterXProfileUrl":606,"linkedInProfileUrl":607},"bryanrossuk","https://twitter.com/bryanrossuk","https://www.linkedin.com/in/bryanross","Field CTO","With over 15 years of industry experience as a senior IT leader, Bryan helps customers realize business value from IT faster. Equally comfortable speaking with executives and engineers alike, he bridges the gap between technical and business stakeholders through compelling storytelling and real-world examples. With a knack for delivering authentic, impactful messages, he enjoys helping others at the intersection of technology, people and process.",{"altText":600,"config":611},{"src":612},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463324/mvdyvskii4hltdrgqxom.jpg",{"componentName":499,"type":499},"bryan-ross","content:en-us:the-source:authors:bryan-ross.yml","en-us/the-source/authors/bryan-ross.yml","en-us/the-source/authors/bryan-ross",{"_path":619,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":620,"seo":621,"content":623,"type":500,"slug":630,"_id":631,"_type":44,"title":622,"_source":45,"_file":632,"_stem":633,"_extension":48},"/en-us/the-source/authors/chandler-gibbons",{"layout":9},{"title":622},"Chandler Gibbons",[624,629],{"componentName":488,"type":488,"componentContent":625},{"name":622,"headshot":626},{"altText":622,"config":627},{"src":628},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463362/o7g9fqtqtjvegfwniuxh.jpg",{"componentName":499,"type":499},"chandler-gibbons","content:en-us:the-source:authors:chandler-gibbons.yml","en-us/the-source/authors/chandler-gibbons.yml","en-us/the-source/authors/chandler-gibbons",{"_path":635,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":636,"seo":637,"content":639,"type":500,"slug":649,"_id":650,"_type":44,"title":638,"_source":45,"_file":651,"_stem":652,"_extension":48},"/en-us/the-source/authors/dave-steer",{"layout":9},{"title":638},"Dave Steer",[640,648],{"componentName":488,"type":488,"componentContent":641},{"config":642,"name":638,"role":644,"headshot":645},{"gitlabHandle":643},"dsteer","Vice President, Product Marketing",{"altText":638,"config":646},{"src":647},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463457/zbtapdkglu3yb9suaq7w.png",{"componentName":499,"type":499},"dave-steer","content:en-us:the-source:authors:dave-steer.yml","en-us/the-source/authors/dave-steer.yml","en-us/the-source/authors/dave-steer",{"_path":654,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":655,"seo":656,"content":658,"type":500,"slug":670,"_id":671,"_type":44,"title":672,"_source":45,"_file":673,"_stem":674,"_extension":48},"/en-us/the-source/authors/ddesanto",{"layout":9},{"title":657},"David DeSanto",[659,669],{"componentName":488,"type":488,"componentContent":660},{"config":661,"name":657,"role":664,"bio":665,"headshot":666},{"gitlabHandle":662,"linkedInProfileUrl":663},"david","https://www.linkedin.com/in/ddesanto/","Chief Product Officer","David DeSanto is the Chief Product Officer at GitLab Inc., where he leads GitLab’s product division to define and execute GitLab's product vision and roadmap. David is responsible for ensuring the company builds, ships, and supports the platform that reinforces GitLab's leadership in the DevSecOps platform market.",{"altText":657,"config":667},{"src":668},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463446/bgnljs84zcsxj0t6nvix.png",{"componentName":499,"type":499},"ddesanto","content:en-us:the-source:authors:ddesanto.yml","Ddesanto","en-us/the-source/authors/ddesanto.yml","en-us/the-source/authors/ddesanto",{"_path":676,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":677,"seo":678,"content":680,"type":500,"slug":688,"_id":689,"_type":44,"title":690,"_source":45,"_file":691,"_stem":692,"_extension":48},"/en-us/the-source/authors/derek-debellis",{"layout":9},{"title":679},"Derek DeBellis",[681,687],{"componentName":488,"type":488,"componentContent":682},{"name":679,"role":683,"headshot":684},"Lead Researcher, Google's DORA team ",{"altText":679,"config":685},{"src":686},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463385/sbnjwfaguszi5g2smzr7.png",{"componentName":499,"type":499},"derek-debellis","content:en-us:the-source:authors:derek-debellis.yml","Derek Debellis","en-us/the-source/authors/derek-debellis.yml","en-us/the-source/authors/derek-debellis",{"_path":694,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":695,"seo":696,"content":698,"type":500,"slug":710,"_id":711,"_type":44,"title":697,"_source":45,"_file":712,"_stem":713,"_extension":48},"/en-us/the-source/authors/emilio-salvador",{"layout":9},{"title":697},"Emilio Salvador",[699,709],{"componentName":488,"type":488,"componentContent":700},{"config":701,"name":697,"role":704,"bio":705,"headshot":706},{"gitlabHandle":702,"linkedInProfileUrl":703},"esalvadorp","https://www.linkedin.com/in/emiliosp/","Vice President, Strategy and Developer Relations","Emilio Salvador is vice president of strategy and developer relations at GitLab. A technology executive with more than 20 years of experience, Emilio has held roles at Amazon and Microsoft, and most recently led strategy and operations for the Developer Advocacy and Experience team at Google. He holds an MBA from MIT Sloan School of Management.",{"altText":697,"config":707},{"src":708},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463402/g0snp3uisjm4tj3pkqcw.jpg",{"componentName":499,"type":499},"emilio-salvador","content:en-us:the-source:authors:emilio-salvador.yml","en-us/the-source/authors/emilio-salvador.yml","en-us/the-source/authors/emilio-salvador",{"_path":715,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":716,"seo":717,"content":719,"type":500,"slug":726,"_id":727,"_type":44,"title":718,"_source":45,"_file":728,"_stem":729,"_extension":48},"/en-us/the-source/authors/erika-feldman",{"layout":9},{"title":718},"Erika Feldman",[720,725],{"componentName":488,"type":488,"componentContent":721},{"name":718,"headshot":722},{"altText":718,"config":723},{"src":724},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463354/d9quqvz7d2ayjwif7vdn.png",{"componentName":499,"type":499},"erika-feldman","content:en-us:the-source:authors:erika-feldman.yml","en-us/the-source/authors/erika-feldman.yml","en-us/the-source/authors/erika-feldman",{"_path":731,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":732,"seo":733,"content":735,"type":500,"slug":745,"_id":746,"_type":44,"title":734,"_source":45,"_file":747,"_stem":748,"_extension":48},"/en-us/the-source/authors/george-kichukov",{"layout":9},{"title":734},"George Kichukov",[736,744],{"componentName":488,"type":488,"componentContent":737},{"config":738,"name":734,"role":608,"bio":740,"headshot":741},{"gitlabHandle":739},"gkichukov","George Kichukov brings over two decades of expertise in software development, enterprise architecture, and technology leadership to his role as Financial Services Field CTO for GitLab. His career began in the startup ecosystem, where he spent five years developing name-matching technologies deployed across government, defense, and financial services. George transitioned into solution architecture, where he guided financial institutions in modernizing their application development practices. Prior to GitLab, George spent 12 years at a large financial services organization leading developer services, application security programs and DevOps infrastructure automation platforms. In his current role at GitLab, George partners with financial services organizations, helping them achieve their strategic objectives in DevOps, DevSecOps, Developer Experience, SDLC compliance, and using AI across software development.",{"altText":734,"config":742},{"src":743},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463366/dk2knfancgsxocjkmyoa.jpg",{"componentName":499,"type":499},"george-kichukov","content:en-us:the-source:authors:george-kichukov.yml","en-us/the-source/authors/george-kichukov.yml","en-us/the-source/authors/george-kichukov",{"_path":750,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":751,"seo":752,"content":754,"type":500,"slug":12,"_id":761,"_type":44,"title":762,"_source":45,"_file":763,"_stem":764,"_extension":48},"/en-us/the-source/authors/gitlab",{"layout":9},{"title":753},"GitLab",[755,760],{"componentName":488,"type":488,"componentContent":756},{"name":753,"headshot":757},{"altText":753,"config":758},{"src":759},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463461/ts7io0hgpdyqylbzfire.png",{"componentName":499,"type":499},"content:en-us:the-source:authors:gitlab.yml","Gitlab","en-us/the-source/authors/gitlab.yml","en-us/the-source/authors/gitlab",{"_path":766,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":767,"seo":768,"content":770,"type":500,"slug":779,"_id":780,"_type":44,"title":769,"_source":45,"_file":781,"_stem":782,"_extension":48},"/en-us/the-source/authors/grant-hickman",{"layout":9},{"title":769},"Grant Hickman",[771,778],{"componentName":488,"type":488,"componentContent":772},{"config":773,"name":769,"headshot":775},{"gitlabHandle":774},"g.hickman",{"altText":769,"config":776},{"src":777},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463463/f3uqwtugqotyhwutz5gu.png",{"componentName":499,"type":499},"grant-hickman","content:en-us:the-source:authors:grant-hickman.yml","en-us/the-source/authors/grant-hickman.yml","en-us/the-source/authors/grant-hickman",{"_path":784,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":785,"seo":786,"content":788,"type":500,"slug":799,"_id":800,"_type":44,"title":787,"_source":45,"_file":801,"_stem":802,"_extension":48},"/en-us/the-source/authors/haim-snir",{"layout":9},{"title":787},"Haim Snir",[789,798],{"componentName":488,"type":488,"componentContent":790},{"config":791,"name":787,"role":794,"headshot":795},{"gitlabHandle":792,"linkedInProfileUrl":793},"hsnir1","https://www.linkedin.com/in/haimsnir/","Senior Product Manager, Dev & Analytics, GitLab",{"altText":787,"config":796},{"src":797},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463395/nubmshvaq8wpomopllni.png",{"componentName":499,"type":499},"haim-snir","content:en-us:the-source:authors:haim-snir.yml","en-us/the-source/authors/haim-snir.yml","en-us/the-source/authors/haim-snir",{"_path":804,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":805,"seo":806,"content":808,"type":500,"slug":812,"_id":817,"_type":44,"title":818,"_source":45,"_file":819,"_stem":820,"_extension":48},"/en-us/the-source/authors/iganbaruch",{"layout":9},{"title":807},"Itzik Gan Baruch",[809,816],{"componentName":488,"type":488,"componentContent":810},{"config":811,"name":807,"headshot":813},{"gitlabHandle":812},"iganbaruch",{"altText":807,"config":814},{"src":815},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463443/vibb2fkc0ojni2d1eqde.png",{"componentName":499,"type":499},"content:en-us:the-source:authors:iganbaruch.yml","Iganbaruch","en-us/the-source/authors/iganbaruch.yml","en-us/the-source/authors/iganbaruch",{"_path":822,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":823,"seo":824,"content":826,"type":500,"slug":835,"_id":836,"_type":44,"title":837,"_source":45,"_file":838,"_stem":839,"_extension":48},"/en-us/the-source/authors/jlongo",{"layout":9},{"title":825},"Joseph Longo",[827,834],{"componentName":488,"type":488,"componentContent":828},{"config":829,"name":825,"headshot":831},{"gitlabHandle":830},"jlongo_gitlab",{"altText":825,"config":832},{"src":833},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463434/uoxaknpmoposbbgzqji8.png",{"componentName":499,"type":499},"jlongo","content:en-us:the-source:authors:jlongo.yml","Jlongo","en-us/the-source/authors/jlongo.yml","en-us/the-source/authors/jlongo",{"_path":841,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":842,"seo":843,"content":845,"type":500,"slug":857,"_id":858,"_type":44,"title":844,"_source":45,"_file":859,"_stem":860,"_extension":48},"/en-us/the-source/authors/joel-krooswyk",{"layout":9},{"title":844},"Joel Krooswyk",[846,856],{"componentName":488,"type":488,"componentContent":847},{"config":848,"name":844,"role":851,"bio":852,"headshot":853},{"gitlabHandle":849,"linkedInProfileUrl":850},"jkrooswyk","https://www.linkedin.com/in/joelrkrooswyk/","Federal CTO","Joel Krooswyk is the Federal CTO at GitLab. Joel has actively been involved in GitLab’s growth since 2017. His 25 years of leadership experience span not only the U.S. Public Sector, but also small, mid-market, and enterprise businesses globally. Joel combines deep government policy expertise with a wealth of experience in technology, software development, AI, and cybersecurity. He is frequently called upon by industry and agencies alike for policy commentary and response.",{"altText":844,"config":854},{"src":855},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463423/mkmdhuxsjggfvokdmdv7.jpg",{"componentName":499,"type":499},"joel-krooswyk","content:en-us:the-source:authors:joel-krooswyk.yml","en-us/the-source/authors/joel-krooswyk.yml","en-us/the-source/authors/joel-krooswyk",{"_path":862,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":863,"seo":864,"content":866,"type":500,"slug":878,"_id":879,"_type":44,"title":865,"_source":45,"_file":880,"_stem":881,"_extension":48},"/en-us/the-source/authors/josh-lemos",{"layout":9},{"title":865},"Josh Lemos",[867,877],{"componentName":488,"type":488,"componentContent":868},{"config":869,"name":865,"role":872,"bio":873,"headshot":874},{"gitlabHandle":870,"linkedInProfileUrl":871},"joshlemos","https://www.linkedin.com/in/joshlemos/","Chief Information Security Officer","Josh Lemos is the Chief Information Security Officer at GitLab Inc., where he brings 20 years of experience leading information security teams to his role. He is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected, fortifying the Gitlab DevSecOps platform and ensuring the highest level of security for customers.",{"altText":865,"config":875},{"src":876},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463405/f4rqtiecakrekvxfhqar.jpg",{"componentName":499,"type":499},"josh-lemos","content:en-us:the-source:authors:josh-lemos.yml","en-us/the-source/authors/josh-lemos.yml","en-us/the-source/authors/josh-lemos",{"_path":883,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":884,"seo":885,"content":887,"type":500,"slug":894,"_id":895,"_type":44,"title":886,"_source":45,"_file":896,"_stem":897,"_extension":48},"/en-us/the-source/authors/julie-griffin",{"layout":9},{"title":886},"Julie Griffin",[888,893],{"componentName":488,"type":488,"componentContent":889},{"name":886,"headshot":890},{"altText":886,"config":891},{"src":892},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463371/hqkbr3uk8hw2de7tltn4.webp",{"componentName":499,"type":499},"julie-griffin","content:en-us:the-source:authors:julie-griffin.yml","en-us/the-source/authors/julie-griffin.yml","en-us/the-source/authors/julie-griffin",{"_path":899,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":900,"seo":901,"content":903,"type":500,"slug":910,"_id":911,"_type":44,"title":902,"_source":45,"_file":912,"_stem":913,"_extension":48},"/en-us/the-source/authors/kristina-weis",{"layout":9},{"title":902},"Kristina Weis",[904,909],{"componentName":488,"type":488,"componentContent":905},{"name":902,"headshot":906},{"altText":902,"config":907},{"src":908},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463469/eoolq6n6bs0zb8gmf0js.webp",{"componentName":499,"type":499},"kristina-weis","content:en-us:the-source:authors:kristina-weis.yml","en-us/the-source/authors/kristina-weis.yml","en-us/the-source/authors/kristina-weis",{"_path":915,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":916,"seo":917,"content":919,"type":500,"slug":930,"_id":931,"_type":44,"title":918,"_source":45,"_file":932,"_stem":933,"_extension":48},"/en-us/the-source/authors/lee-faus",{"layout":9},{"title":918},"Lee Faus",[920,929],{"componentName":488,"type":488,"componentContent":921},{"config":922,"name":918,"role":924,"bio":925,"headshot":926},{"gitlabHandle":923},"lfaus","Global Field CTO","Lee Faus is a Global Field CTO at GitLab. Lee has been a software architect, teacher, professor, and educator for over 25 years. He leverages his experience as an educator to bring complex technology concepts into a business forum where executives gain valuable advice to positively impact their business.",{"altText":918,"config":927},{"src":928},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463398/vivhlomglvnstamj54bo.jpg",{"componentName":499,"type":499},"lee-faus","content:en-us:the-source:authors:lee-faus.yml","en-us/the-source/authors/lee-faus.yml","en-us/the-source/authors/lee-faus",{"_path":935,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":936,"seo":937,"content":939,"type":500,"slug":943,"_id":948,"_type":44,"title":949,"_source":45,"_file":950,"_stem":951,"_extension":48},"/en-us/the-source/authors/ncregan",{"layout":9},{"title":938},"Niall Cregan",[940,947],{"componentName":488,"type":488,"componentContent":941},{"config":942,"name":938,"headshot":944},{"gitlabHandle":943},"ncregan",{"altText":938,"config":945},{"src":946},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463431/yrtwodocb4cu3j7lkhyo.png",{"componentName":499,"type":499},"content:en-us:the-source:authors:ncregan.yml","Ncregan","en-us/the-source/authors/ncregan.yml","en-us/the-source/authors/ncregan",{"_path":953,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":954,"seo":955,"content":957,"type":500,"slug":968,"_id":969,"_type":44,"title":970,"_source":45,"_file":971,"_stem":972,"_extension":48},"/en-us/the-source/authors/rschulman",{"layout":9},{"title":956},"Robin Schulman",[958,967],{"componentName":488,"type":488,"componentContent":959},{"config":960,"name":956,"role":962,"bio":963,"headshot":964},{"gitlabHandle":961},"robin","Chief Legal Officer","Robin Schulman is the Chief Legal Officer, Head of Corporate Affairs, and Corporate Secretary of GitLab Inc., the DevSecOps platform.",{"altText":956,"config":965},{"src":966},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463437/u2xfbudw1f8hhnkrgaoy.webp",{"componentName":499,"type":499},"rschulman","content:en-us:the-source:authors:rschulman.yml","Rschulman","en-us/the-source/authors/rschulman.yml","en-us/the-source/authors/rschulman",{"_path":974,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":975,"seo":976,"content":978,"type":500,"slug":987,"_id":988,"_type":44,"title":977,"_source":45,"_file":989,"_stem":990,"_extension":48},"/en-us/the-source/authors/sabrina-farmer",{"layout":9},{"title":977},"Sabrina Farmer",[979,986],{"componentName":488,"type":488,"componentContent":980},{"name":977,"role":981,"bio":982,"headshot":983},"Chief Technology Officer","Sabrina Farmer is the Chief Technology Officer at GitLab, where she leads software engineering, operations, and customer support teams to execute the company's technical vision and strategy and oversee the development and delivery of GitLab's products and services.\n\nPrior to GitLab, Sabrina spent nearly two decades at Google, where she most recently served as vice president of engineering, core infrastructure. During her tenure with Google, she was directly responsible for the reliability, performance, and efficiency of all of Google's billion-user products and infrastructure.\n\nA long-time advocate for women in technology, Farmer earned a B.S. in Computer Science at the University of New Orleans, where she established two scholarships to help level the playing field for inclusion and empowerment in technology.",{"altText":977,"config":984},{"src":985},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463377/udmzbjjr5xrcrffdlphx.webp",{"componentName":499,"type":499},"sabrina-farmer","content:en-us:the-source:authors:sabrina-farmer.yml","en-us/the-source/authors/sabrina-farmer.yml","en-us/the-source/authors/sabrina-farmer",{"_path":992,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":993,"seo":994,"content":996,"type":500,"slug":1006,"_id":1007,"_type":44,"title":995,"_source":45,"_file":1008,"_stem":1009,"_extension":48},"/en-us/the-source/authors/sandra-gittlen",{"layout":9},{"title":995},"Sandra Gittlen",[997,1005],{"componentName":488,"type":488,"componentContent":998},{"config":999,"name":995,"role":1001,"headshot":1002},{"gitlabHandle":1000},"sgittlen","Managing Editor, Blog",{"altText":995,"config":1003},{"src":1004},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463466/r7ckb9h2zr4c2rsz3zlm.png",{"componentName":499,"type":499},"sandra-gittlen","content:en-us:the-source:authors:sandra-gittlen.yml","en-us/the-source/authors/sandra-gittlen.yml","en-us/the-source/authors/sandra-gittlen",{"_path":1011,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":1012,"seo":1013,"content":1015,"type":500,"slug":1022,"_id":1023,"_type":44,"title":1014,"_source":45,"_file":1024,"_stem":1025,"_extension":48},"/en-us/the-source/authors/sharon-gaudin",{"layout":9},{"title":1014},"Sharon Gaudin",[1016,1021],{"componentName":488,"type":488,"componentContent":1017},{"name":1014,"headshot":1018},{"altText":1014,"config":1019},{"src":1020},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463475/h6j4nnvykzyfzgvl7txb.webp",{"componentName":499,"type":499},"sharon-gaudin","content:en-us:the-source:authors:sharon-gaudin.yml","en-us/the-source/authors/sharon-gaudin.yml","en-us/the-source/authors/sharon-gaudin",{"_path":1027,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":1028,"seo":1029,"content":1031,"type":500,"slug":1043,"_id":1044,"_type":44,"title":1030,"_source":45,"_file":1045,"_stem":1046,"_extension":48},"/en-us/the-source/authors/stephen-walters",{"layout":9},{"title":1030},"Stephen Walters",[1032,1042],{"componentName":488,"type":488,"componentContent":1033},{"config":1034,"name":1030,"role":1037,"bio":1038,"headshot":1039},{"gitlabHandle":1035,"linkedInProfileUrl":1036},"swalters1","https://www.linkedin.com/in/1stephenwalters/","Field CTO, GitLab","Stephen Walters is Field CTO for GitLab. Stephen has been in the IT industry for over 30 years. He is an extensively experienced subject matter expert in Value Stream Management, DevSecOps, DevOps, ALM, SDLC and IT4IT, with management and consultancy experience across end-to-end IT disciplines. Currently also operating as an Ambassador for the DevOps Institute and an Influencer in the Value Stream Management Consortium, he is interested in all things DevOps. Stephen is a co-author of the Value Stream Reference Architectures white paper and is currently pursuing further research into Value Stream Management, Organizational Architecture and AI.",{"altText":1030,"config":1040},{"src":1041},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463392/g6ktk5qb4vcqc9wqjlf9.jpg",{"componentName":499,"type":499},"stephen-walters","content:en-us:the-source:authors:stephen-walters.yml","en-us/the-source/authors/stephen-walters.yml","en-us/the-source/authors/stephen-walters",{"_path":1048,"_dir":482,"_draft":6,"_partial":6,"_locale":7,"config":1049,"seo":1050,"content":1052,"type":500,"slug":1064,"_id":1065,"_type":44,"title":1066,"_source":45,"_file":1067,"_stem":1068,"_extension":48},"/en-us/the-source/authors/taylor-mccaslin",{"layout":9},{"title":1051},"Taylor McCaslin",[1053,1063],{"componentName":488,"type":488,"componentContent":1054},{"config":1055,"name":1051,"role":1058,"bio":1059,"headshot":1060},{"gitlabHandle":1056,"linkedInProfileUrl":1057},"tmccaslin","https://www.linkedin.com/in/taylormccaslin/","Group Manager, Product - Data Science","Taylor McCaslin is the Product Lead for AI/ML at GitLab, where he is responsible for leading the team of product managers who manage the AI Powered and ModelOps stage groups and sets the vision and direction for how to empower GitLab users to leverage data science as part of their DevOps program. Prior to joining GitLab, he held positions at Indeed, Duo Security, and WP Engine.",{"altText":1051,"config":1061},{"src":1062},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463427/trfasilaeasosxfcxmsm.jpg",{"componentName":499,"type":499},"taylor-mccaslin","content:en-us:the-source:authors:taylor-mccaslin.yml","Taylor Mccaslin","en-us/the-source/authors/taylor-mccaslin.yml","en-us/the-source/authors/taylor-mccaslin",1753207415442]