Today we’re excited to announce the launch of GitLab’s Open Source Security Hub — a central repository of security-focused projects developed by GitLab’s internal security team. These tools are designed to help developers, security practitioners, and organizations build safer, more secure software, and more resilient security programs.
Securing systems is an ongoing challenge for businesses as threat actors continually adapt to new technologies and find creative ways to exploit organizations. Not only are they evolving their tactics, techniques and procedures, but they’re also collaborating through criminal networks, sharing strategies, stolen data, and malicious tools to launch coordinated attacks at scale.
As these threats grow in complexity, community-driven collaboration is one of our most powerful defenses. It’s a notion we’ve long understood in security — that defending against adversaries is a shared responsibility. By working together as a community, we can accelerate our collective intelligence and stay ahead of adversaries.
In open-sourcing our security solutions, we aim to empower teams to adapt faster, respond smarter, and defend better — together.
Why open source security?
At GitLab, open source isn’t just part of our technology — it’s part of our founding story.
Since day one, we’ve championed the open source philosophy, believing that transparency, collaboration, and community-driven development are keys to building better software. Over the years, GitLab has fostered an open source community with more than 4,000 contributors and has provided a comprehensive DevSecOps platform through its open source Community Edition.
We’ve also been inspired by industry leaders like CrowdStrike and Palo Alto Networks, who have shown that open-sourcing security tools not only improves innovation but also strengthens the entire security ecosystem. Following in their footsteps, GitLab is committed to supporting the community by sharing tools, templates, and frameworks developed by our security teams.
Explore our featured open source security projects
We’re launching the Open Source Security Hub with a range of projects designed to enhance security operations and risk management. Here are some of the featured projects:
- StORM templates: Streamline your security risk program with templates that standardize risk tracking and reporting.
- GUARD Framework: Automate response and detection with a detections-as-code approach that simplifies detection creation, maintenance, and alert routing.
- GitLab CIS Benchmark Scanner: Improve your project’s security posture by auditing against the Center for Internet Security GitLab Benchmark.
Whether you’re a security engineer, researcher, or developer, your expertise and contributions are invaluable. Join us in strengthening the security ecosystem and collaborating with a community dedicated to making software safer for everyone.
Explore GitLab’s Open Source Security Hub and contribute to the next chapter of open source security.