DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • DevOps Chats
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Communities
    • AWS Community Hub
    • CloudBees
    • IT as Code
    • Rocket on DevOps.com
    • Traceable on DevOps.com
    • Quali on DevOps.com
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DevSecOps
  • Leadership Suite
  • Practices
  • ROELBOB
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps

Home » Latest News Releases » GitLab Acquires Gemnasium to Accelerate its Security Roadmap

GitLab Acquires Gemnasium to Accelerate its Security Roadmap

By: DevOps.com on February 1, 2018 1 Comment

Developers can use GitLab to automatically detect security vulnerabilities protecting code from attacks

Recent Posts By DevOps.com
  • Global Next-Generation Software Engineering Conference
  • Akamai Security Research: Financial Services Continues Getting Bombarded with Credential Stuffing and Web Application Attacks
  • Vulcan Cyber Announces New Chief Revenue Officer and Internal Promotions to Accelerate Rapid Growth
More from DevOps.com
Related Posts
  • GitLab Acquires Gemnasium to Accelerate its Security Roadmap
  • The Age of Software Supply Chain Disruption
  • Survey Uncovers Depth of Open Source Software Insecurity
    Related Categories
  • Latest News Releases
Show more
Show less

SAN FRANCISCO, CALIF.—January 30, 2018– Today GitLab, the leading integrated product for the entire DevOps lifecycle, announced it has acquired Gemnasium, a company that provides software to help developers mitigate security vulnerabilities in open source code. GitLab is acquiring both Gemnasium’s technology and its team of experts, who will come on board to implement robust security scanning functionality natively into GitLab’s CI/CD pipelines. Automating application security testing allows businesses to develop and iterate software faster without sacrificing a strong security posture.

DevOps Connect:DevSecOps @ RSAC 2022

With open source software (OSS) adoption rapidly growing, the risk for vulnerabilities is at an all-time high. The number of open source modules in use continues to increase, so the surface area for vulnerabilities to be exploited has expanded far and wide. As the dependency tree goes deeper, it can be daunting or even impossible for developers to keep track of which software they are using and what ramifications its use may have on the business.

Gemnasium has created the best-in-class solution for managing security threats related to open source dependencies. With a larger database and advanced algorithms, their solution finds more vulnerabilities with fewer false positives. This allows developers to protect their code and spot vulnerabilities in open source software before attackers can expose an organization to threats such as malware injections, Denial-of-Service (DoS) attacks and data breaches.

“As a team of engineers, we’re excited to join the GitLab team and bring the benefits of Gemnasium to the DevOps lifecycle,” said Philippe Lafoucrière, founder of Gemnasium. “Our goal has always been to help developers build the most secure software possible and joining GitLab allows us to do just that.”

GitLab has already begun adding native security functionality, such as the addition of Static Application Security Testing (SAST) in the 10.3 release, along with Dynamic Application Security Testing (DAST) and Container Scanning in the 10.4 release. With the Gemnasium team coming on board, GitLab will further accelerate its security roadmap to bring developers a native and seamless experience for rapidly deploying secure code.

“GitLab’s vision is to provide best-in-class tools for the complete DevOps lifecycle in a single application,” said Sid Sijbrandij, CEO of GitLab. “Gemnasium is the best dependency monitoring solution on the market, and we are excited to be making its team part of the GitLab experience.”

Gemnasium.com will be winding down with an expected end-of-life date of May 15. The Gemnasium team encourages users to migrate to GitLab CI/CD or explore similar services like Snyk, SourceClear, WhiteSource and BlackDuck. For more information, visit https://gemnasium.com/blog/gemnasium-joins-gitlab.

About GitLab
Since its incorporation in 2014, GitLab has quickly become the leading self-hosted Git repository management tool used by software development teams ranging from startups to global enterprise organizations. GitLab has since expanded its product offering to deliver an integrated source code management, code review, test/release automation, and application monitoring product that accelerates and simplifies the software development process. With one end-to-end software development product, GitLab helps teams eliminate unnecessary steps from their workflow, significantly reduce cycle time and focus exclusively on building great software. Today, more than 100,000 organizations, including Ticketmaster, ING, NASDAQ, Alibaba, Sony, and Intel; and millions of users, trust GitLab to bring their modern applications from idea to production, reliably and repeatedly.

Filed Under: Latest News Releases

Sponsored Content
Featured eBook
DevOps: Mastering the Human Element

DevOps: Mastering the Human Element

While building constructive culture, engaging workers individually and helping staff avoid burnout have always been organizationally demanding, they are intensified by the continuous, always-on notion of DevOps.  When we think of work burnout, we often think of grueling workloads and deadline pressures. But it also has to do with mismatched ... Read More
« A Crash Course in Continuous Testing
ExtraHop Introduces Reveal(x) to Expose Attacks on Critical Assets and Automate Investigations »

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Continuous Deployment
Monday, July 11, 2022 - 1:00 pm EDT
Using External Tables to Store and Query Data on MinIO With SQL Server 2022
Tuesday, July 12, 2022 - 11:00 am EDT
Goldilocks and the 3 Levels of Cardinality: Getting it Just Right
Tuesday, July 12, 2022 - 1:00 pm EDT

Latest from DevOps.com

Rust in Linux 5.20 | Deepfake Hiring Fraud | IBM WFH ‘New Normal’
June 30, 2022 | Richi Jennings
Moving From Lift-and-Shift to Cloud-Native
June 30, 2022 | Alexander Gallagher
The Two Types of Code Vulnerabilities
June 30, 2022 | Casey Bisson
Common RDS Misconfigurations DevSecOps Teams Should Know
June 29, 2022 | Gad Rosenthal
Quick! Define DevSecOps: Let’s Call it Development Security
June 29, 2022 | Don Macvittie

Get The Top Stories of the Week

  • View DevOps.com Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Download Free eBook

The State of Open Source Vulnerabilities 2020
The State of Open Source Vulnerabilities 2020

Most Read on DevOps.com

What Is User Acceptance Testing and Why Is it so Important?
June 27, 2022 | Ron Stefanski
Rust in Linux 5.20 | Deepfake Hiring Fraud | IBM WFH ‘New No...
June 30, 2022 | Richi Jennings
Chip-to-Cloud IoT: A Step Toward Web3
June 28, 2022 | Nahla Davies
DevOps Connect: DevSecOps — Building a Modern Cybersecurity ...
June 27, 2022 | Veronica Haggar
The Two Types of Code Vulnerabilities
June 30, 2022 | Casey Bisson

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2022 ·Techstrong Group, Inc.All rights reserved.