GitLab will perform regular benchmarking of our own security scanners. This allows us to understand our effectiveness relative to the market and helps us focus improvements where they are most needed.
Our goal with this category is to understand how our security tools compare to other open-source security tools in terms of security effectiveness.
Sub-goals of this category include:
TBD
We will start by creating a set of benchmarks for our existing scanners, such as SAST, DAST, and Container Scanning. The results will be published so that they can be viewed by GitLab team members and GitLab users.
On an ongoing basis, we will update and refresh our existing benchmarks to incorporate updates to existing scanners and evaluate any new tools that have been released since the previous benchmark tests.
TBD
TBD
TBD
TBD
TBD