[{"data":1,"prerenderedAt":701},["ShallowReactive",2],{"/en-us/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab/":3,"navigation-en-us":36,"banner-en-us":447,"footer-en-us":460,"Sandra Gittlen":671,"next-steps-en-us":686},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"seo":8,"content":16,"config":26,"_id":29,"_type":30,"title":31,"_source":32,"_file":33,"_stem":34,"_extension":35},"/en-us/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab","blog",false,"",{"title":9,"description":10,"ogTitle":9,"ogDescription":10,"noIndex":6,"ogImage":11,"ogUrl":12,"ogSiteName":13,"ogType":14,"canonicalUrls":12,"schema":15},"Comply with NIST's secure software supply chain framework with GitLab","The U.S. government's Secure Software Development Framework has four key practices. GitLab's DevOps platform has features to address them all.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749667094/Blog/Hero%20Images/container-security.jpg","https://about.gitlab.com/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab","https://about.gitlab.com","article","\n                        {\n        \"@context\": \"https://schema.org\",\n        \"@type\": \"Article\",\n        \"headline\": \"Comply with NIST's secure software supply chain framework with GitLab\",\n        \"author\": [{\"@type\":\"Person\",\"name\":\"Sandra Gittlen\"}],\n        \"datePublished\": \"2022-03-29\",\n      }",{"title":9,"description":10,"authors":17,"heroImage":11,"date":19,"body":20,"category":21,"tags":22},[18],"Sandra Gittlen","2022-03-29","\nThe U.S. government, in March, released an update to its framework to secure agencies’ software supply chains, which are under [increasing risk of attack](https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/statement-by-president-biden-on-our-nations-cybersecurity/). The National Institute of Standards and Technology (NIST) unveiled the Secure Software Development Framework (SSDF) 1.1, which calls for tighter controls throughout the software development lifecycle and describes a set of best practices for organizations – and their third-party suppliers – to follow.\n\nThe [SSDF](https://csrc.nist.gov/News/2022/nist-publishes-sp-800-218-ssdf-v11) focuses on how organizations can protect software supply chains, regardless of technology, platform, programming language, or operating environment, in large part by introducing security early in the DevOps process. There are four key practices:\n\n- prepare the organization\n\n- protect software (all components of the software should be safe from tampering and unauthorized access)\n\n- produce well-secured software (with minimal security vulnerabilities in its releases)\n\n- respond to vulnerabilities\n\n“The goal of the SSDF, in my opinion, is to bring all agencies and their suppliers to the same place in terms of secure software development,” says Joel Krooswyk, senior manager of Solutions Architecture at GitLab. “The framework gets everyone on the same page and speaking the same language, which will inevitably help them to be more effective against whatever threats may come.”\n\nWhile some agencies, such as the Department of Defense and Central Intelligence Agency, might be more sophisticated in the security and compliance of their software supply chains, other public sector organizations are less advanced, using a raft of ad-hoc legacy applications to manually handle vulnerabilities.\n\nThe SSDF undoubtedly will drive all government agencies to direct resources – human and technological – toward [automating supply chain security](/blog/gitlab-supply-chain-security/). To ensure that they meet the measure of the framework without overburdening their teams and budgets, organizations should consider deploying GitLab, a single DevOps platform that has security built in early in the development lifecycle, end-to-end, and with maximum visibility. \n\nHere’s how GitLab addresses the specific practices within the SSDF:\n\n**1. Prepare the organization**\n\nGitLab helps organizations ensure that their people, processes, and technology are prepared to perform security software development, in line with SSDF best practices.\n\nThe GitLab DevOps platform features:\n\n- Strong [policy management](https://docs.gitlab.com/ee/administration/compliance.html) and role-based permissions models with LDAP, single sign-on, and multifactor authentication support\n\n- [Sophisticated security dashboards](https://docs.gitlab.com/ee/user/application_security/security_dashboard/) with severity and trends to provide all stakeholders visibility and observability into the software development lifecycle \n\n- Scaled agile process support, which is enabled through epics and issues and other documentation, making for a completely auditable environment\n\n- Simplified implementation of a zero-trust security framework with the DevOps platform\n\n**2. Protect the software**\n\nThe SSDF guides organizations to protect all components of their software from tampering and unauthorized access.\n\nGitLab helps organizations accomplish this through the use of:\n\n- [source code management](https://about.gitlab.com/solutions/source-code-management/)\n\n- commit signatures\n\n- code reviews\n\n- [Hardened containers](/press/releases/2020-07-01-gitlab-announces-hardened-container-image-in-support-of-the-us-department-of-defense-enterprise-devsecops-initiative/)\n\n- role-based, read-only controls\n\n- [Merge-request approvals](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/) \n\n- [Software Bill of Materials (SBOM)](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#cyclonedx-software-bill-of-materials) data per release\n\n- security scanning in [offline environments](https://docs.gitlab.com/ee/user/application_security/offline_deployments/)\n\n**3. Produce well-secured software**\n\nAccording to the SSDF, organizations should produce well-secured software with minimal security vulnerabilities in its releases.\n\nThe GitLab DevOps platform is purpose-built for this best practice and includes:\n\n- credential management\n\n- code reviews and approvals\n\n- centralized mitigation with vulnerability reports\n\n- [security scanning](https://docs.gitlab.com/ee/user/application_security/) (DAST, SAST, fuzz testing, secret detection, and more) that is integrated into the developer workflow\n\n- [continuous compliance](/solutions/compliance/) enforcement capabilities that enable organizations to tailor their pipeline reviews and security scans to all their applicable compliance mandates\n\n- the ability to find and fix vulnerabilities early on in development without building complex integrations\n\n**4. Respond to vulnerabilities**\n\nThe SSDF wants organizations to be able to identify residual vulnerabilities in their software releases and respond appropriately to address those vulnerabilities and prevent similar ones from occurring in the future.\n\nGitLab enables organizations to find and fix vulnerabilities early in the development process. The GitLab DevOps platform also features:\n\n- automatic updates for the Common Vulnerabilities and Exposures (CVE) database\n\n- the ability to contribute/disclose vulnerabilities directly via GitLab\n\n- [Auto DevOps](https://docs.gitlab.com/ee/topics/autodevops/) best practice scanning\n\n- status, severity, and related activity exposed on the [Vulnerability Report](https://docs.gitlab.com/ee/user/application_security/vulnerability_report/) page\n\n- integrated learning tools to learn about found vulnerabilities in real-time\n\n- on-demand scanning to look for new vulnerabilities in existing code\n\nUsing GitLab's DevOps platform, government agencies, and their suppliers, can apply the best practices set forth in the SSDF and ensure the software supply chain meets the requirements of other mandates through [continuous compliance](/solutions/compliance/).\n\n[Try GitLab Ultimate for free](/solutions/public-sector/)\n","security",[23,24,21,25],"DevSecOps","DevSecOps platform","public sector",{"slug":27,"featured":6,"template":28},"comply-with-nist-secure-supply-chain-framework-with-gitlab","BlogPost","content:en-us:blog:comply-with-nist-secure-supply-chain-framework-with-gitlab.yml","yaml","Comply With Nist Secure Supply Chain Framework With Gitlab","content","en-us/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab.yml","en-us/blog/comply-with-nist-secure-supply-chain-framework-with-gitlab","yml",{"_path":37,"_dir":38,"_draft":6,"_partial":6,"_locale":7,"data":39,"_id":443,"_type":30,"title":444,"_source":32,"_file":445,"_stem":446,"_extension":35},"/shared/en-us/main-navigation","en-us",{"logo":40,"freeTrial":45,"sales":50,"login":55,"items":60,"search":389,"minimal":420,"duo":434},{"config":41},{"href":42,"dataGaName":43,"dataGaLocation":44},"/","gitlab logo","header",{"text":46,"config":47},"Get free trial",{"href":48,"dataGaName":49,"dataGaLocation":44},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":51,"config":52},"Talk to sales",{"href":53,"dataGaName":54,"dataGaLocation":44},"/sales/","sales",{"text":56,"config":57},"Sign in",{"href":58,"dataGaName":59,"dataGaLocation":44},"https://gitlab.com/users/sign_in/","sign in",[61,105,200,205,310,370],{"text":62,"config":63,"cards":65,"footer":88},"Platform",{"dataNavLevelOne":64},"platform",[66,72,80],{"title":62,"description":67,"link":68},"The most comprehensive AI-powered DevSecOps Platform",{"text":69,"config":70},"Explore our Platform",{"href":71,"dataGaName":64,"dataGaLocation":44},"/platform/",{"title":73,"description":74,"link":75},"GitLab Duo (AI)","Build software faster with AI at every stage of development",{"text":76,"config":77},"Meet GitLab Duo",{"href":78,"dataGaName":79,"dataGaLocation":44},"/gitlab-duo/","gitlab duo ai",{"title":81,"description":82,"link":83},"Why GitLab","10 reasons why Enterprises choose GitLab",{"text":84,"config":85},"Learn more",{"href":86,"dataGaName":87,"dataGaLocation":44},"/why-gitlab/","why gitlab",{"title":89,"items":90},"Get started with",[91,96,101],{"text":92,"config":93},"Platform Engineering",{"href":94,"dataGaName":95,"dataGaLocation":44},"/solutions/platform-engineering/","platform engineering",{"text":97,"config":98},"Developer Experience",{"href":99,"dataGaName":100,"dataGaLocation":44},"/developer-experience/","Developer experience",{"text":102,"config":103},"MLOps",{"href":104,"dataGaName":102,"dataGaLocation":44},"/topics/devops/the-role-of-ai-in-devops/",{"text":106,"left":107,"config":108,"link":110,"lists":114,"footer":183},"Product",true,{"dataNavLevelOne":109},"solutions",{"text":111,"config":112},"View all Solutions",{"href":113,"dataGaName":109,"dataGaLocation":44},"/solutions/",[115,140,162],{"title":116,"description":117,"link":118,"items":123},"Automation","CI/CD and automation to accelerate deployment",{"config":119},{"icon":120,"href":121,"dataGaName":122,"dataGaLocation":44},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[124,128,132,136],{"text":125,"config":126},"CI/CD",{"href":127,"dataGaLocation":44,"dataGaName":125},"/solutions/continuous-integration/",{"text":129,"config":130},"AI-Assisted Development",{"href":78,"dataGaLocation":44,"dataGaName":131},"AI assisted development",{"text":133,"config":134},"Source Code Management",{"href":135,"dataGaLocation":44,"dataGaName":133},"/solutions/source-code-management/",{"text":137,"config":138},"Automated Software Delivery",{"href":121,"dataGaLocation":44,"dataGaName":139},"Automated software delivery",{"title":141,"description":142,"link":143,"items":148},"Security","Deliver code faster without compromising security",{"config":144},{"href":145,"dataGaName":146,"dataGaLocation":44,"icon":147},"/solutions/security-compliance/","security and compliance","ShieldCheckLight",[149,152,157],{"text":150,"config":151},"Security & Compliance",{"href":145,"dataGaLocation":44,"dataGaName":150},{"text":153,"config":154},"Software Supply Chain Security",{"href":155,"dataGaLocation":44,"dataGaName":156},"/solutions/supply-chain/","Software supply chain security",{"text":158,"config":159},"Compliance & Governance",{"href":160,"dataGaLocation":44,"dataGaName":161},"/solutions/continuous-software-compliance/","Compliance and governance",{"title":163,"link":164,"items":169},"Measurement",{"config":165},{"icon":166,"href":167,"dataGaName":168,"dataGaLocation":44},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[170,174,178],{"text":171,"config":172},"Visibility & Measurement",{"href":167,"dataGaLocation":44,"dataGaName":173},"Visibility and Measurement",{"text":175,"config":176},"Value Stream Management",{"href":177,"dataGaLocation":44,"dataGaName":175},"/solutions/value-stream-management/",{"text":179,"config":180},"Analytics & Insights",{"href":181,"dataGaLocation":44,"dataGaName":182},"/solutions/analytics-and-insights/","Analytics and insights",{"title":184,"items":185},"GitLab for",[186,191,196],{"text":187,"config":188},"Enterprise",{"href":189,"dataGaLocation":44,"dataGaName":190},"/enterprise/","enterprise",{"text":192,"config":193},"Small Business",{"href":194,"dataGaLocation":44,"dataGaName":195},"/small-business/","small business",{"text":197,"config":198},"Public Sector",{"href":199,"dataGaLocation":44,"dataGaName":25},"/solutions/public-sector/",{"text":201,"config":202},"Pricing",{"href":203,"dataGaName":204,"dataGaLocation":44,"dataNavLevelOne":204},"/pricing/","pricing",{"text":206,"config":207,"link":209,"lists":213,"feature":297},"Resources",{"dataNavLevelOne":208},"resources",{"text":210,"config":211},"View all resources",{"href":212,"dataGaName":208,"dataGaLocation":44},"/resources/",[214,247,269],{"title":215,"items":216},"Getting started",[217,222,227,232,237,242],{"text":218,"config":219},"Install",{"href":220,"dataGaName":221,"dataGaLocation":44},"/install/","install",{"text":223,"config":224},"Quick start guides",{"href":225,"dataGaName":226,"dataGaLocation":44},"/get-started/","quick setup checklists",{"text":228,"config":229},"Learn",{"href":230,"dataGaLocation":44,"dataGaName":231},"https://university.gitlab.com/","learn",{"text":233,"config":234},"Product documentation",{"href":235,"dataGaName":236,"dataGaLocation":44},"https://docs.gitlab.com/","product documentation",{"text":238,"config":239},"Best practice videos",{"href":240,"dataGaName":241,"dataGaLocation":44},"/getting-started-videos/","best practice videos",{"text":243,"config":244},"Integrations",{"href":245,"dataGaName":246,"dataGaLocation":44},"/integrations/","integrations",{"title":248,"items":249},"Discover",[250,255,259,264],{"text":251,"config":252},"Customer success stories",{"href":253,"dataGaName":254,"dataGaLocation":44},"/customers/","customer success stories",{"text":256,"config":257},"Blog",{"href":258,"dataGaName":5,"dataGaLocation":44},"/blog/",{"text":260,"config":261},"Remote",{"href":262,"dataGaName":263,"dataGaLocation":44},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":265,"config":266},"TeamOps",{"href":267,"dataGaName":268,"dataGaLocation":44},"/teamops/","teamops",{"title":270,"items":271},"Connect",[272,277,282,287,292],{"text":273,"config":274},"GitLab Services",{"href":275,"dataGaName":276,"dataGaLocation":44},"/services/","services",{"text":278,"config":279},"Community",{"href":280,"dataGaName":281,"dataGaLocation":44},"/community/","community",{"text":283,"config":284},"Forum",{"href":285,"dataGaName":286,"dataGaLocation":44},"https://forum.gitlab.com/","forum",{"text":288,"config":289},"Events",{"href":290,"dataGaName":291,"dataGaLocation":44},"/events/","events",{"text":293,"config":294},"Partners",{"href":295,"dataGaName":296,"dataGaLocation":44},"/partners/","partners",{"backgroundColor":298,"textColor":299,"text":300,"image":301,"link":305},"#2f2a6b","#fff","Insights for the future of software development",{"altText":302,"config":303},"the source promo card",{"src":304},"/images/navigation/the-source-promo-card.svg",{"text":306,"config":307},"Read the latest",{"href":308,"dataGaName":309,"dataGaLocation":44},"/the-source/","the source",{"text":311,"config":312,"lists":314},"Company",{"dataNavLevelOne":313},"company",[315],{"items":316},[317,322,328,330,335,340,345,350,355,360,365],{"text":318,"config":319},"About",{"href":320,"dataGaName":321,"dataGaLocation":44},"/company/","about",{"text":323,"config":324,"footerGa":327},"Jobs",{"href":325,"dataGaName":326,"dataGaLocation":44},"/jobs/","jobs",{"dataGaName":326},{"text":288,"config":329},{"href":290,"dataGaName":291,"dataGaLocation":44},{"text":331,"config":332},"Leadership",{"href":333,"dataGaName":334,"dataGaLocation":44},"/company/team/e-group/","leadership",{"text":336,"config":337},"Team",{"href":338,"dataGaName":339,"dataGaLocation":44},"/company/team/","team",{"text":341,"config":342},"Handbook",{"href":343,"dataGaName":344,"dataGaLocation":44},"https://handbook.gitlab.com/","handbook",{"text":346,"config":347},"Investor relations",{"href":348,"dataGaName":349,"dataGaLocation":44},"https://ir.gitlab.com/","investor relations",{"text":351,"config":352},"Trust Center",{"href":353,"dataGaName":354,"dataGaLocation":44},"/security/","trust center",{"text":356,"config":357},"AI Transparency Center",{"href":358,"dataGaName":359,"dataGaLocation":44},"/ai-transparency-center/","ai transparency center",{"text":361,"config":362},"Newsletter",{"href":363,"dataGaName":364,"dataGaLocation":44},"/company/contact/","newsletter",{"text":366,"config":367},"Press",{"href":368,"dataGaName":369,"dataGaLocation":44},"/press/","press",{"text":371,"config":372,"lists":373},"Contact us",{"dataNavLevelOne":313},[374],{"items":375},[376,379,384],{"text":51,"config":377},{"href":53,"dataGaName":378,"dataGaLocation":44},"talk to sales",{"text":380,"config":381},"Get help",{"href":382,"dataGaName":383,"dataGaLocation":44},"/support/","get help",{"text":385,"config":386},"Customer portal",{"href":387,"dataGaName":388,"dataGaLocation":44},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":390,"login":391,"suggestions":398},"Close",{"text":392,"link":393},"To search repositories and projects, login to",{"text":394,"config":395},"gitlab.com",{"href":58,"dataGaName":396,"dataGaLocation":397},"search login","search",{"text":399,"default":400},"Suggestions",[401,403,407,409,413,417],{"text":73,"config":402},{"href":78,"dataGaName":73,"dataGaLocation":397},{"text":404,"config":405},"Code Suggestions (AI)",{"href":406,"dataGaName":404,"dataGaLocation":397},"/solutions/code-suggestions/",{"text":125,"config":408},{"href":127,"dataGaName":125,"dataGaLocation":397},{"text":410,"config":411},"GitLab on AWS",{"href":412,"dataGaName":410,"dataGaLocation":397},"/partners/technology-partners/aws/",{"text":414,"config":415},"GitLab on Google Cloud",{"href":416,"dataGaName":414,"dataGaLocation":397},"/partners/technology-partners/google-cloud-platform/",{"text":418,"config":419},"Why GitLab?",{"href":86,"dataGaName":418,"dataGaLocation":397},{"freeTrial":421,"mobileIcon":426,"desktopIcon":431},{"text":422,"config":423},"Start free trial",{"href":424,"dataGaName":49,"dataGaLocation":425},"https://gitlab.com/-/trials/new/","nav",{"altText":427,"config":428},"Gitlab Icon",{"src":429,"dataGaName":430,"dataGaLocation":425},"/images/brand/gitlab-logo-tanuki.svg","gitlab icon",{"altText":427,"config":432},{"src":433,"dataGaName":430,"dataGaLocation":425},"/images/brand/gitlab-logo-type.svg",{"freeTrial":435,"mobileIcon":439,"desktopIcon":441},{"text":436,"config":437},"Learn more about GitLab Duo",{"href":78,"dataGaName":438,"dataGaLocation":425},"gitlab duo",{"altText":427,"config":440},{"src":429,"dataGaName":430,"dataGaLocation":425},{"altText":427,"config":442},{"src":433,"dataGaName":430,"dataGaLocation":425},"content:shared:en-us:main-navigation.yml","Main Navigation","shared/en-us/main-navigation.yml","shared/en-us/main-navigation",{"_path":448,"_dir":38,"_draft":6,"_partial":6,"_locale":7,"title":449,"titleMobile":449,"button":450,"config":455,"_id":457,"_type":30,"_source":32,"_file":458,"_stem":459,"_extension":35},"/shared/en-us/banner","GitLab 18 & the next step in intelligent DevSecOps. Join us June 24.",{"text":451,"config":452},"Register now",{"href":453,"dataGaName":454,"dataGaLocation":44},"/eighteen/","gitlab 18 banner",{"layout":456},"release","content:shared:en-us:banner.yml","shared/en-us/banner.yml","shared/en-us/banner",{"_path":461,"_dir":38,"_draft":6,"_partial":6,"_locale":7,"data":462,"_id":667,"_type":30,"title":668,"_source":32,"_file":669,"_stem":670,"_extension":35},"/shared/en-us/main-footer",{"text":463,"source":464,"edit":470,"contribute":475,"config":480,"items":485,"minimal":659},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":465,"config":466},"View page source",{"href":467,"dataGaName":468,"dataGaLocation":469},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":471,"config":472},"Edit this page",{"href":473,"dataGaName":474,"dataGaLocation":469},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":476,"config":477},"Please contribute",{"href":478,"dataGaName":479,"dataGaLocation":469},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":481,"facebook":482,"youtube":483,"linkedin":484},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[486,508,565,594,629],{"title":62,"links":487,"subMenu":491},[488],{"text":24,"config":489},{"href":71,"dataGaName":490,"dataGaLocation":469},"devsecops platform",[492],{"title":201,"links":493},[494,498,503],{"text":495,"config":496},"View plans",{"href":203,"dataGaName":497,"dataGaLocation":469},"view plans",{"text":499,"config":500},"Why Premium?",{"href":501,"dataGaName":502,"dataGaLocation":469},"/pricing/premium/","why premium",{"text":504,"config":505},"Why Ultimate?",{"href":506,"dataGaName":507,"dataGaLocation":469},"/pricing/ultimate/","why ultimate",{"title":509,"links":510},"Solutions",[511,516,519,521,526,531,535,538,542,547,549,552,555,560],{"text":512,"config":513},"Digital transformation",{"href":514,"dataGaName":515,"dataGaLocation":469},"/solutions/digital-transformation/","digital transformation",{"text":150,"config":517},{"href":145,"dataGaName":518,"dataGaLocation":469},"security & compliance",{"text":139,"config":520},{"href":121,"dataGaName":122,"dataGaLocation":469},{"text":522,"config":523},"Agile development",{"href":524,"dataGaName":525,"dataGaLocation":469},"/solutions/agile-delivery/","agile delivery",{"text":527,"config":528},"Cloud transformation",{"href":529,"dataGaName":530,"dataGaLocation":469},"/solutions/cloud-native/","cloud transformation",{"text":532,"config":533},"SCM",{"href":135,"dataGaName":534,"dataGaLocation":469},"source code management",{"text":125,"config":536},{"href":127,"dataGaName":537,"dataGaLocation":469},"continuous integration & delivery",{"text":539,"config":540},"Value stream management",{"href":177,"dataGaName":541,"dataGaLocation":469},"value stream management",{"text":543,"config":544},"GitOps",{"href":545,"dataGaName":546,"dataGaLocation":469},"/solutions/gitops/","gitops",{"text":187,"config":548},{"href":189,"dataGaName":190,"dataGaLocation":469},{"text":550,"config":551},"Small business",{"href":194,"dataGaName":195,"dataGaLocation":469},{"text":553,"config":554},"Public sector",{"href":199,"dataGaName":25,"dataGaLocation":469},{"text":556,"config":557},"Education",{"href":558,"dataGaName":559,"dataGaLocation":469},"/solutions/education/","education",{"text":561,"config":562},"Financial services",{"href":563,"dataGaName":564,"dataGaLocation":469},"/solutions/finance/","financial services",{"title":206,"links":566},[567,569,571,573,576,578,580,582,584,586,588,590,592],{"text":218,"config":568},{"href":220,"dataGaName":221,"dataGaLocation":469},{"text":223,"config":570},{"href":225,"dataGaName":226,"dataGaLocation":469},{"text":228,"config":572},{"href":230,"dataGaName":231,"dataGaLocation":469},{"text":233,"config":574},{"href":235,"dataGaName":575,"dataGaLocation":469},"docs",{"text":256,"config":577},{"href":258,"dataGaName":5,"dataGaLocation":469},{"text":251,"config":579},{"href":253,"dataGaName":254,"dataGaLocation":469},{"text":260,"config":581},{"href":262,"dataGaName":263,"dataGaLocation":469},{"text":273,"config":583},{"href":275,"dataGaName":276,"dataGaLocation":469},{"text":265,"config":585},{"href":267,"dataGaName":268,"dataGaLocation":469},{"text":278,"config":587},{"href":280,"dataGaName":281,"dataGaLocation":469},{"text":283,"config":589},{"href":285,"dataGaName":286,"dataGaLocation":469},{"text":288,"config":591},{"href":290,"dataGaName":291,"dataGaLocation":469},{"text":293,"config":593},{"href":295,"dataGaName":296,"dataGaLocation":469},{"title":311,"links":595},[596,598,600,602,604,606,608,613,618,620,622,624],{"text":318,"config":597},{"href":320,"dataGaName":313,"dataGaLocation":469},{"text":323,"config":599},{"href":325,"dataGaName":326,"dataGaLocation":469},{"text":331,"config":601},{"href":333,"dataGaName":334,"dataGaLocation":469},{"text":336,"config":603},{"href":338,"dataGaName":339,"dataGaLocation":469},{"text":341,"config":605},{"href":343,"dataGaName":344,"dataGaLocation":469},{"text":346,"config":607},{"href":348,"dataGaName":349,"dataGaLocation":469},{"text":609,"config":610},"Environmental, social and governance (ESG)",{"href":611,"dataGaName":612,"dataGaLocation":469},"/environmental-social-governance/","environmental, social and governance",{"text":614,"config":615},"Diversity, inclusion and belonging (DIB)",{"href":616,"dataGaName":617,"dataGaLocation":469},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":351,"config":619},{"href":353,"dataGaName":354,"dataGaLocation":469},{"text":361,"config":621},{"href":363,"dataGaName":364,"dataGaLocation":469},{"text":366,"config":623},{"href":368,"dataGaName":369,"dataGaLocation":469},{"text":625,"config":626},"Modern Slavery Transparency Statement",{"href":627,"dataGaName":628,"dataGaLocation":469},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"title":630,"links":631},"Contact Us",[632,635,637,639,644,649,654],{"text":633,"config":634},"Contact an expert",{"href":53,"dataGaName":54,"dataGaLocation":469},{"text":380,"config":636},{"href":382,"dataGaName":383,"dataGaLocation":469},{"text":385,"config":638},{"href":387,"dataGaName":388,"dataGaLocation":469},{"text":640,"config":641},"Status",{"href":642,"dataGaName":643,"dataGaLocation":469},"https://status.gitlab.com/","status",{"text":645,"config":646},"Terms of use",{"href":647,"dataGaName":648,"dataGaLocation":469},"/terms/","terms of use",{"text":650,"config":651},"Privacy statement",{"href":652,"dataGaName":653,"dataGaLocation":469},"/privacy/","privacy statement",{"text":655,"config":656},"Cookie preferences",{"dataGaName":657,"dataGaLocation":469,"id":658,"isOneTrustButton":107},"cookie preferences","ot-sdk-btn",{"items":660},[661,663,665],{"text":645,"config":662},{"href":647,"dataGaName":648,"dataGaLocation":469},{"text":650,"config":664},{"href":652,"dataGaName":653,"dataGaLocation":469},{"text":655,"config":666},{"dataGaName":657,"dataGaLocation":469,"id":658,"isOneTrustButton":107},"content:shared:en-us:main-footer.yml","Main Footer","shared/en-us/main-footer.yml","shared/en-us/main-footer",[672],{"_path":673,"_dir":674,"_draft":6,"_partial":6,"_locale":7,"content":675,"config":681,"_id":683,"_type":30,"title":18,"_source":32,"_file":684,"_stem":685,"_extension":35},"/en-us/blog/authors/sandra-gittlen","authors",{"role":676,"name":18,"config":677},"Managing Editor, GitLab Blog",{"headshot":678,"linkedin":679,"ctfId":680},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659648/Blog/Author%20Headshots/Sgittlen-headshot.jpg","https://www.linkedin.com/in/sandra-gittlen-48557a294/","sgittlen",{"template":682},"BlogAuthor","content:en-us:blog:authors:sandra-gittlen.yml","en-us/blog/authors/sandra-gittlen.yml","en-us/blog/authors/sandra-gittlen",{"_path":687,"_dir":38,"_draft":6,"_partial":6,"_locale":7,"header":688,"eyebrow":689,"blurb":690,"button":691,"secondaryButton":695,"_id":697,"_type":30,"title":698,"_source":32,"_file":699,"_stem":700,"_extension":35},"/shared/en-us/next-steps","Start shipping better software faster","50%+ of the Fortune 100 trust GitLab","See what your team can do with the intelligent\n\n\nDevSecOps platform.\n",{"text":46,"config":692},{"href":693,"dataGaName":49,"dataGaLocation":694},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":51,"config":696},{"href":53,"dataGaName":54,"dataGaLocation":694},"content:shared:en-us:next-steps.yml","Next Steps","shared/en-us/next-steps.yml","shared/en-us/next-steps",1751484561385]