Category Direction - Security Benchmarking

Description

Overview

GitLab will perform regular benchmarking of our own security scanners. This allows us to understand our effectiveness relative to the market and helps us focus improvements where they are most needed.

Goal

Our goal with this category is to understand how our security tools compare to other open-source security tools in terms of security effectiveness.

Sub-goals of this category include:

  1. Be able to provide this information to field staff and GitLab users who are concerned about the efficacy of our tools.
  2. Give specific feedback to other categories on which parts can be improved and should have a higher level of focus.
  3. Provide leadership within GitLab for conducting technical evaluations of security products and using fair testing and reporting methods.

Roadmap

TBD

What's Next & Why

We will start by creating a set of benchmarks for our existing scanners, such as SAST, DAST, and Container Scanning. The results will be published so that they can be viewed by GitLab team members and GitLab users.

Maturity Plan

On an ongoing basis, we will update and refresh our existing benchmarks to incorporate updates to existing scanners and evaluate any new tools that have been released since the previous benchmark tests.

Competitive Landscape

TBD

Analyst Landscape

TBD

Top Customer Success/Sales Issue(s)

TBD

Top user issue(s)

TBD

Top internal customer issue(s)

TBD

Top Vision Item(s)