GitLab solution supports US public sector’s focus on application security

Tech Intelligence Bulletin (HG Insights) – GitLab has enhanced its 13.0 product release with a hardened container image in continued support of the US public sector’s focus on application security.

With this development, GitLab reinforces its commitment to providing a secure DevSecOps environment for all of its public sector and regulated industry clients in finance, healthcare, energy, and transportation.

GitLab is experienced in working with the US Department of Defense (DoD) and has been instrumental in the DevSecOps initiatives of agencies such as the US Air Force software factories, as well as programs within the US Army, US Navy and fourth estates agencies. Developed in coordination with the DoD, GitLab software now includes a DoD-compliant hardened container image to address the DevSecOps initiatives of the Pentagon.

Today’s threat landscape

GitLab coordinated with US Air Force software factories, including Kessel Run, LevelUP, Kobayashi Maru, SpaceCAMP, and BESPIN, to develop and provide a complete DevSecOps solution for the factories as they look to deploy software as quickly and securely as possible in response to today’s threat landscape.

“The addition of a hardened container image to our US public sector offering reinforces GitLab’s commitment to providing a secure, end-to-end DevSecOps software development platform that meets the strenuous security and compliance requirements of the US. military and other highly regulated organizations,” said Scott Williamson, executive vice president of product, GitLab. “GitLab’s close coordination with both customers and industry experts to meet these criteria supports not only the needs of our public sector customers, but also ensures that all GitLab users—especially those in critical infrastructure and regulated industries—benefit from the additional security capabilities.”

Faster deployment

“GitLab is a key component of the Platform One DevSecOps product stack supporting the DoD Enterprise DevSecOps Initiative,” said Nicolas Chaillan, chief software officer of the US Air Force and co-lead of the DoD Enterprise DevSecOps Initiative. “Including the GitLab hardened image as part of Iron Bank’s centrally accredited containers of best of breed development tools enables DoD-wide use across classifications, which supports the faster deployment of more secure software across the Department of Defense and regulated industries.”

Hardening helps minimize the risk profile, enables more secure applications to be deployed quickly, and supports continuous authority to operate processes. GitLab’s acceptance as a hardened and secure software solution into Iron Bank, the centralized artifact repository, allows any DoD agency to easily and confidently acquire and implement its software development platform. The Iron Bank repository enables an easier adoption of DevSecOps solutions throughout the DoD.

“Essential to every part of our DevSecOps process”

“GitLab is essential to every part of our DevSecOps process, allowing us to bridge the gap across our developers to product owners. Having a pre-hardened version greatly speeds up deployment to our production systems and slashes platform spin-up and maintenance for our clients. Overall, we can deliver applications to the warfighter exponentially faster due to this capability,” said James ‘Guideaux’ Crocker, lab director, BESPIN, US Air Force.