Blog testing

Browse articles that include the testing tag

security-checklist.png
Detect application vulnerabilities with GitLab’s browser-based DAST Learn why you should include dynamic application security testing as part of a defense-in-depth strategy for software development, and how to migrate from proxy-based DAST. Author: Sara Meadzinger Read Post
Security Secure migration - cover

Migration guide: GitHub Advanced Security to GitLab Ultimate

Understand the similarities and differences between GitLab Ultimate and GitHub Advanced Security. Then follow this in-depth tutorial to make the move to the GitLab DevSecOps platform.

Security code - cover

Integrate external security scanners into your DevSecOps workflow

Learn how to bring Snyk scan results into the merge request widget by parsing JSON artifacts and leveraging the SARIF file format.

Security securitycheck.png

How to integrate custom security scanners into GitLab

Learn how to extend the DevSecOps platform by adding custom security scanners to your workflows (includes an easy-to-follow tutorial).

Security built-in-security.jpeg

How GitLab's Red Team automates C2 testing

Learn how to apply professional development practices to Red Teams using open source command and control tools.

Security securitycheck.png

Tips to configure browser-based DAST scans

Learn how to use the browser-based analyzer with common dynamic application security testing settings, based on web application attributes, to ensure successful scans.

Security applicationsecurity.png

Introducing GitLab browser-based active checks in DAST

As of GitLab 16.4, or DAST 4.0.9, browser-based DAST active scans will search for path traversal vulnerabilities using the GitLab check 22.1 instead of the ZAP alert 6.

Engineering lightsticks.png

Speed up API and microservices delivery with Microcks and GitLab - Part 1

Learn how to configure Microcks for GitLab and what the use cases are for this open source Kubernetes-native tool.

Engineering building-gitlab-with-gitlab-no-type.png

Building GitLab with GitLab: Web API Fuzz Testing

Our new series shows how we dogfood new DevSecOps platform features to ready them for you. First up, security testing.

Engineering post-cover-image.jpg

How to continuously test web apps and APIs with Hurl and GitLab CI/CD

Hurl as a CLI tool can be integrated into the DevSecOps platform to continuously verify, test, and monitor targets. It also offers integrated unit test reports in GitLab CI/CD.

Ready to get started?

See what your team could do with a unified DevSecOps Platform.

Get free trial

New to GitLab and not sure where to start?

Get started guide

Learn about what GitLab can do for your team

Talk to an expert