Category Direction - Security Benchmarking



GitLab will perform regular benchmarking of our own security scanners. This allows us to understand our effectiveness relative to the market and helps us focus improvements where they are most needed.


Our goal with this category is to understand how our security tools compare to other open-source security tools in terms of security effectiveness.

Sub-goals of this category include:

  1. Be able to provide this information to field staff and GitLab users who are concerned about the efficacy of our tools.
  2. Give other categories specific feedback on which parts can be improved and should receive a higher level of focus.
  3. Provide leadership within GitLab for conducting technical evaluations of security products and using fair testing and reporting methods.



What's Next & Why

We will start by creating a set of benchmarks for our existing scanners, such as SAST, DAST, and Container Scanning. The results will be published so that they can be viewed by GitLab team members and GitLab users.

Maturity Plan

On an ongoing basis, we will refresh our benchmarks to reflect updates to existing scanners and to evaluate any new tools released since the previous benchmark tests.

Competitive Landscape


Analyst Landscape


Top Customer Success/Sales Issue(s)


Top user issue(s)


Top internal customer issue(s)


Top Vision Item(s)