Security Standards
These standards define a baseline set of security requirements that must be implemented and followed.
List of active internal standards
Please visit the internal security standards
List of active public standards
- GitLab Cryptography Standard
- GitLab Data Classification Standard
- GitLab Password Standards
- GitLab Projects Baseline Requirements
- GitLab Security Logging Standards
- GitLab Token Management Standard
- Physical Security Standard for Company Assets
- Records Retention & Disposal
- Software Development Lifecycle Standard
Last modified May 16, 2025: Move existing security standards to new section, which includes an index (
840eb803)
