Security Services Delivery Kit

GitLab Professional Services offers two engagement types related to application security.

From the GitLab website:

The GitLab platform provides an opportunity to transform the way your business automates security processes. However, transitioning and transforming from your current security process to an automated, manageable, and consistent workflow in your GitLab deployment requires customized configuration from security professsionals. Engage with GitLab experts to solve specific security challenges and unlock all of the benefits of the GitLab Platform.

DevSecOps Workshop

The DevSecOps Workshop is a fixed-price advisory engagement for customers new to GitLab Ultimate that demonstrates core security features through a pre-built demo project and provides roadmapping sessions to help organizations adopt and integrate GitLab's security capabilities into their development workflows. It is a purely advisory engagement where delivery team members do not have access to the client's environments and code. For hands-on engineering, customers should purchase the DevSecOps Transformation service (below).

From the GitLab website:

The DevSecOps workshop offering allows for GitLab engineers to show off GitLab Security features and demonstrate core security policy automation benefits as well as provide strategic guidance to create a roadmap to kick start your security journey with GitLab.

Fact sheet (Google Drive)

Security Consulting / DevSecOps Transformation

The DevSecOps Transformation directly supports customers along their adoption journey with Application Security Testing, Security Risk Management, and Software Supply Chain Security, to reduce security and compliance risk across the organization. It is a hands-on engineering engagement where delivery team members will have access to the client's environments and code.

From the GitLab website:

For customers who want to transform the way they secure software using GitLab CI, we provide a skilled GitLab engineer to help define and implement security policies, triage vulnerabilities, and audit your GitLab deployment in an automated, scalable way.

Fact sheet (Google Drive)